General & IT Audit

Internal Auditors are a vital part of good governance in any organization in all business sectors

Shifting from Policing to Partnering

Internal audit is evolving from a risk and control function to a trusted advisor that drives insight and influence across the organization

With a strong board relationship, internal audit can help the board spot new risks early

Benefits of Outsourcing or Co-sourcing the Internal Audit Function

Outsourcing and co-sourcing the internal audit function offer organizations benefits like cost savings, access to specialized expertise, enhanced objectivity, and increased flexibility. These approaches also allow companies to scale their audit resources efficiently and free up internal resources for core business activities.

An IT audit is a comprehensive evaluation of an organization's information technology governance, risk management, infrastructure, systems, operations, policies, and controls.

Its purpose is to ensure that IT controls are in place and working effectively to protect corporate assets, maintain data integrity, and align with the business's goals.

There are generally two main branches of IT audit with shared commonalities in terms of key review areas, audit techniques and methodologies.

IT audit that focuses on IT controls over financial reporting, also known as an audit of Internal Controls over Financial Reporting (ICFR), is a specialized review to ensure a company’s accounting information systems can produce reliable and accurate financial statements. The IT controls examined in this type of audit fall into two main categories of IT general controls (ITGCs) and IT application controls (ITACs).

IT audit with a strong focus on the examination of an organization's information technology operations (including operating performance and efficiency, systems life cycle, disaster recovery and business continuity plans), IT infrastructure to identify and mitigate security risks. Cybersecurity audits fall under this category. Cybersecurity essentials are used as audit criteria to assess vulnerabilities, ensure best practices in cyber hygiene and enhance the security posture of an organization's IT systems.

Our IT Audit Services focuses on at least one or more of these domains:

IT Governance and Risk Management

Information System Operations and Resilience

Systems Life Cycle

Information Asset Protection

Information Technology General and Application Controls (ITGC & ITAC)

Cybersecurity

The planning, performance and reporting of all IT audit and assurance engagements are carried out according to the IT Audit Framework (ITAF) issued by ISACA

Contact us to schedule a free one-hour consultation to find out more about our internal audit and IT audit services

We advocate the practice of cybersecurity-by-design

“I view cyber security as a key enabler to digitalisation”

“I view it as the brakes on a car. If you want to drive fast, you need good brakes. So if you want to go into the digital world, you need good security.” - Mr David Koh, Chief Executive of Cyber Security Agency of Singapore (CSA)