Our information systems audit service is based on the COBIT 2019 framework. COBIT provides managers, auditors, and IT users with a set of generally accepted measures, indicators, processes and best practices with the aim of maximizing the benefits derived through the use of information technology and developing appropriate IT governance and control in a company. Some of our specialized audit and assurance services include
- General IS/IT Audit –We will Cover everything from the Planning, acquisition and organisation of information resources, the delivery and support of the IS/IT including facilities, operations, utilization and access, the processes surrounding the information systems, the level of effectiveness, efficiency, confidentiality, integrity, availability, compliance and reliability associated with the information assets and the level of utilization of IT resources available within the environment of the IS including people, the application systems of interface, technology, facilities and data.
- Information Security Management Audit – We will evaluate the scope of the information security management organization and determine whether essential security functions are being addresses effectively so that we can provide a comprehensive assessment of the effectiveness of the information security management function withing your organization.
- Data Privacy Audit/Assurance Service – Organizations (both public and private) that collect data have a responsibility to ensure appropriate safeguards over the collection, storage, and purging of the data collected. The data collected is subject to emerging and changing regulatory requirements and this poses a challenge for most organizations. Our Data Privacy Audit checks that all control objectives are met and controls are efficiently implemented in areas of data privacy beginning with data collection all the way through incident management.
- Policy and Compliance Audit – This ensures that your organization is fulfilling the regulatory requirements regarding information/data protection in your particular jurisdiction. We will audit your processes and controls to ensure compliance while also helping you file all the relevant reports with the appropriate authorities.
- Application Audit – We carry out an independent assessment of the efficiency and effectiveness of the design and operation of internal controls and operating procedures identifying application-related issues that require attention.
- Cyber Security (anti-cybercrime) Audit – We will assess the effectiveness of the cybercrime prevention, detection and incident management processes, policies, procedures and governance activities within your organization. Our will focus on cybercrime management standards, guidelines, and procedures as well as the implementation and governance of these activities.
- Software Assurance Audit – We will evaluate the effectiveness of software assurance governance, development process and methodology, verification and review, and deployment of the software end-product.
- Biometric Systems Audit/ Assurance – We provide an expert assessment of the effectiveness of the architecture and security of the deployed biometric systems and their proper alignment with the enterprise’s IT security policies, information systems architecture, information asset criticality and industry good practices. We also check your organization’s preparedness in the event of an intrusion or major failure of one or more biometric systems.
- Mobile Computing and BOYD Audit – In this age where organizations are increasing encouraging their team members to use their own devices and to work remotely, our Mobile computing and BOYD audit will assess your BYOD policies and procedures and their operating effectiveness, identify internal control and regulatory deficiencies that could affect the organization and identify information security control concerns that could affect the reliability, accuracy and security of the enterprise data due to weaknesses in mobile computing controls.
- Outsourced IT Audit/Assurance – Organizations are choosing to concentrate on their core capabilities, cost reduction and the ability to tap into specialized resources by outsourcing their IT function. Our outsourced IT audit program provides an assessment of the effectiveness of numerous aspects of an outsourced IT strategy.
- Penetration Testing– We carryout both Black box and white box penetration testing to determine areas of possible entry for intruders so that you can implement appropriate controls.