Dedomena Technologies offers forward-looking and progressive Technology Risk Consulting services that commits to ethical and sustainable business practices. We specialize in technology audit and risk solutions designed to protect a business from potential IT-related threats that can impact its operations, finances, and reputation.
Since our establishment, we have opted for organic growth, identifying and targeting businesses that would benefit from our specialized services, rather than pursuing aggressive expansion strategies or mass marketing.
Our niche independent consultancy delivers expert counsel and strategic guidance while implementing practical and tailored IT risk management solutions that generate positive outcomes for our clients, partners, and their evolving communities.
Focusing on operational resilience, our technology risk management solutions caters to all aspects of business functions and activities, extending beyond accounting and financial systems.
Difference between Risk Consultants and Corporate Services Providers
Risk Consultants primarily focuses on identifying and assessing operational and technological risks, and diving deep into potential threats and vulnerabilities to protect the business and its value, while Corporate Service Providers manage administrative and support functions such as accounting, corporate secretarial and tax that enable the business to operate in accordance with regulatory requirements.
As risk consultants, we recommend the implementation of risk strategies that leverage compliance as a strategic asset and major source of competitive advantage —a powerful business enabler and driver of organizational value, rather than seeing it merely as a "cost of doing business.
Strong risk governance acts as a "passport," allowing companies to enter highly regulated global markets faster than less-prepared competitors.
In present days, risk consulting is recognized as a broad-based business discipline. While its roots are in accountancy, it has evolved to other business fields or professions to address a wider array of organizational risk related topics, including technology and information security (including cybersecurity), data privacy, business strategies and operational resilience.
There is no universal requirement for a risk consultant to be a qualified accountant (e.g., CPA or CA). Risk professionals come from various fields such as Finance, Business Administration, Information Technology, Data Science, Law, and Engineering.
Our IT Risk Services
*
Our IT Risk Services *
DPO-as-a-Service
Basic Services Package
We assist organizations with their data protection self-assessments through the use of PDPA Assessment Tool for Organizations (PATO) and implementation of the Data Inventory Map (DIM), while providing guidance on identifying gaps and recommending areas for improvement with remediation strategies.
Review privacy statements, front-facing policies, forms and data protection documents.
Provide PDPA advisory services, training and education programs to all staff members based on the Personal Data Protection Commission's (PDPC) Advisory Guidelines on Key Concepts in the PDPA.
Advanced Services Package with add-on
o Provide advisory and render assistance in the implementation of the Data Protection Essentials (DPE), Data Protection Management Programme (DPMP), Data Protection by Design for ICT Systems, and Data Protection Impact Assessment (DPIA).
o Review internal data protection policies, procedures and control documents.
o Training and education program extended to include the Advisory Guidelines on the PDPA for Selected Topics and the Guide to Basic Anonymization.
o Provide advisory and render assistance in the implementation of Advanced Data Protection Practices in accordance with the PDPC's Guide to Data Protection Practices for ICT Systems.
PDPA Audit
A systematic assessment of the organization’s data protection policies, practices and detailed procedures, conducted based on a risk-based internal audit methodology, evaluates compliance with the Data Protection Obligations under the PDPA. This review identifies compliance gaps and risks in data protection practices through controls testing and provide recommendations for remediation according to the PDPA and data protection best practices.
IT Audit and Risk Assessment
(A) An independent technology audit encompassing audit program development, execution of test procedures, and issuance of formal reports, detailing findings and proposing remedial measures for enhancement to IT controls, systems, modifications, and upgrades.
(B) Attest to the internal risk and control self-assessment conducted by the organization on its IT infrastructure and systems by formally validating the assessment methodology and results.
(C) Our Data Protection Officer (DPO)-as-a-Service and PDPA Audit service always incorporate an IT risk assessment component, with scope and depth tailored to meet specific client requirements.
IT Audit for Statutory Audit
IT audit performed to support financial statement audit by examining the technology that handles accounting data.
Singapore Standard on Auditing (SSA) 315 (Revised) requires the auditor to identify and assess the risks of material misstatement in the financial statements through understanding the entity and its environment, including the entity’s IT control. With an in depth understanding of the entity’s IT environment, it enables the auditor to identify the IT risks, and to design and implement appropriate audit responses to address those identified risks.
Leveraging our specialized IT auditing expertise, we provide support to Public Accounting Corporations (PAC) in the evaluation of their audit clients' financial system controls in their effectiveness in safeguarding assets, and preventing or detecting material misstatements, enabling the external auditors to determine the nature and extent of audit procedures.
Cybersecurity Consulting
We help organizations measure and track their progress in the implementation of the Cybersecurity Health Check tool developed and launched by the Cyber Security Agency of Singapore (CSA), recommending solutions to close any gaps identified and enhance cybersecurity controls in enabling organizations to attain the Cyber Essentials certification.