Technology assurance

The past two years have seen a re-emergence of large scale corporate investment into IT systems. These projects are becoming increasingly complex and many companies have no real understanding of the technology risks they are facing. The pace of IT change, regulatory pressures and increasing dependency on IT also represent a significant challenge for companies. As a result the Board is looking for a higher level of assurance than ever before.

These issues are examined in our recent IT risk survey which challenged whether companies had a complete picture of IT related risk.

We help clients respond to these issues. We design and implement IT risk and control solutions that protect the business and reduce compliance cost. We also provide independent IT assurance to business leaders and third parties.

Potential issues

• You are not confident that technology risks within your organisation are properly identified and controlled
• You are unsure of the impact IT risks might have on your organisation
• You are rationalising or re-implementing Enterprise Resource Planning systems (such as SAP and Oracle) and wish to ensure that risks are identified and addressed
• Your projects include complex outsourcing arrangements and you need assurance that risks are identified, measured and managed effectively
• You have become more sensitive to IT security issues or suffered a recent embarrassing lapse in security
• Poor data quality is impacting the effectiveness of your processes and decision making

How we can support you

We add value throughout the technology risk universe by:

• Helping companies identify IT risks and understand their impact in a strategic context, including alignment with business objectives
• Delivering fresh perspectives to the Board on how to integrate its approach to governance, regulation and compliance
• Providing assurance that a robust risk assessment and management framework is in place to manage IT risks, including process improvement and controls optimisation
• Scrutinising ERP and business systems on various levels to provide assurance on governance, implementation, data migration and overall alignment with business objectives
• Providing assurance over the operations and approach of managed service providers in any outsourcing of the IT function
• Providing bespoke reviews and assurance around IT security and controls

PwC's services include

• IT risk assessments and IT controls assurance
• Building IT governance, regulation and compliance solutions
• Independent, objective IT project assurance
• Outsourcing and offshoring risk assessments and risk management strategies
• ERP and business systems controls optimisation
• Security and vulnerability assessments including penetration testing
• Business continuity planning
• Data management strategy, data quality assessments and data cleanse
• IT Internal Audit
• Compliance assessments against industry and global standards including ISO 27001 security standard, Payment Card Industry Data Security Standards (PCI DSS) and the ISO/IEC 19770-1 software asset management standard