Skip to main content

IT internal audit

Strategic plan using a risk-based approach

The ever-increasing complexity of information and communication technology (ICT) and security risks presents new challenges for an organisation’s internal controls function, including Internal Audit (IA).

Contact Us
Submit RFP

Introduction

Recent regulatory developments in the financial sector such as the CSSF Circular 20/750 implementing EBA Guidelines on ICT Security and Risk Management emphasize the importance of the internal audit function to provide independent

assurance on the control environment effectiveness to the management body.

In this context, effective information technology internal auditing requires thorough planning coupled with nimble responsiveness to quickly changing risks. Following a risk-based approach, an organisation’s IA plays a critical role in helping review and provide independent assurance that ICT and security-related activities are compliant with organisation’s policies, procedures, and external requirements.

Supervisory authorities (in Luxembourg and Europe) monitor closely how organisations cover their ICT risks when defining their multiannual internal audit plan using a risk-based approach.

Learn more about how Deloitte can help you (attached flyer) and do not hesitate to contact one of our experts.

Explore Risk Advisory Services

Recommendations

EMEA Model Risk Management Survey

Model risk management continues to increase in importance, as banks rely more on models than ever. Recent global events such as the COVID‑19 pandemic have also revealed the weaknesses of our models and model risk management practices when the environment around us changes quickly.
Research
minute read
Explore our thinking

Get in touch

Stéphane Hurtaud

Partner | Cyber Risk Leader
+352 45145 4434

Laureline Senequier

Partner | Risk Advisory
+352 45145 4422

Antoine Reginensi

Manager | Human Capital
+352 621 293 023

Laurent Berliner

Partner | Risk Advisory
+352 45145 2328