Purposes and deliveries of this service:
With this service, we will check the client’s IT infrastructure system to ensure that they are good enough to protect the corporate assets, ensure data integrity and mitigate the company’s IT-related risks
Accordingly, we will conduct:
- IT General Control Audit, to ensure all general controls are in place and effective
- Applications Audit, to ensure that all applications are well functioned and highly confidential
- Data Integrity Audit, to ensure that the data could not be interfered while being processed by the system.
Delivery of this service is a report that presents our verification opinion on the client’s IT system basing on the implemented procedures and our findings, if any, with according recommendations about deficiencies of the IT system.
Clients of this service are companies who apply IT system in processing and filing daily transactions (with customers, suppliers, business partners, or internal departments) or in management works or in exporting information for reporting purposes.
The service is delivered with the following steps:
- Kick-off meeting: We discuss with the client to clearly understand the client’s specific demands and requirements, and then provide full explanation to the client about our approach and processes. We agree with the client about the objectives, scope of services, timing schedules, cooperation mechanism, lists of documents to be provided, significant procedures that need attention, … This step can be done through direct meetings or emails.
- Fieldwork (at clients’ offices): After studying the data and documents provided by the client, our experts will carry out necessary procedures, including: (1) IT General Control Audit to ensure all general controls are in place and effective, (2) Applications Audit to ensure that all applications are well functioned and highly confidential, (3) Data Integrity Audit to ensure that the data could not be interfered while being processed by the system.
- Prepare reports: We will prepare the reports as agreed with the client and then send them to the client for review and comment. Meetings will be followed to explain further about the reports.
- Advise the client : How to fix the weaknesses of the IT system?