We assist organisations in understanding risks associated with IT and emerging technologies and gaining assurance on controls pertaining to internal, regulatory and extended enterprise requirements.
Our team possesses a wide range of skill sets around IT infrastructure, ERP’s, custom developed applications, service organisation controls and evolving digital technologies along with industry and sector specific capabilities. We offer a broad range of services, including:
IT controls evaluation conducted as a part of the organisations internal controls programs is key to identifying and ensuring clients response to risks arising from information technology and the digital ecosystem in which they operate.
Deloitte can support clients in IT risk assessments and in performing design and operating effectiveness reviews for IT General Controls and automated controls across various ERPs and custom-built applications. Depending on client specific requirements this also includes data migration reviews, interface controls reviews, access and functional segregation assurance.
An organisations controllership, information technology and security functions need to be risk intelligent in order address risks arising out the technological changes.
Deloitte’s team of IT risk specialists support clients in improving IT processes and controls, to effectively identify, understand and implement relevant internal controls methodology and processes.
Outsourcing operations does not transfer the risk associated with that process. The organisation that is outsourcing (user entity) continues to remain responsible for governance, risk management and compliance for the processes / operations now managed by their service provider. Regulators and industry bodies are focused on addressing the risks arising out these changes. In this context, service providers (service organisations) build trust and confidence in the services performed and the associated controls through system and organization controls (SOC) reports.