IT assurance

Description Needed

IT assurance

A well planned IT assurance strategy can provide the organisation with peace of mind and actionable steps to mitigate security risks. The goal of our IT assurance services is to help you minimise risks and forecast future requirements by examining the effectiveness of your IT systems’ key controls.

Our IT assurance services in risks and control enable the organisation to:

  •  align IT strategies with business goals 
  •  ensure compliance with regulatory and legislative requirements
  •  identify potential operational risks
  •  maximise return on investment on IT assets
  •  develop IT roadmaps that prioritise key IT projects
  •  increase effectiveness of technology
  •  improve management controls

A comprehensive assurance review requires auditors who understand the world in which businesses operate, and how internal and external influences impact business success.

With our rigorous training program and breadth of experience across a wide range of clients and assurance engagements, we understand the range of business issues and risks that need to be considered during any audit or assurance engagement. Even with this experience behind us, we regard each engagement as unique. We carefully examine all factors, compliance and risks, and provide detailed advice and guidance throughout the engagement.

Our Services

  • Governance, Risk and Compliance (GRC)
    Review and assess the organisation’s IT control environment incorporating the frameworks of CoBIT and ISO/IEC27001.

  • Statement on Auditing Standards (SAS) 70 Type I/Type II
    Provide an independent review of a service organisation's control design and testing of effectiveness of a service organisation's processing controls.

  • Sarbanes-Oxley (SOX)
    Assess compliance with the financial disclosure and internal control requirements of the Sarbanes-Oxley Act of 2002 and related Securities and Exchange Commission (SEC) rules.

  • ISO/IEC 27001 (ISMS)
    Provide an independent review of the organisation’s readiness to undergo a ISO/IEC 27001 review.

For non-audit clients, our advisory teams also provide consultancy for the implementation of various audit standards. Our services include the following:

  •  project management
  •  risk assessment
  •  change management
  •  control environment assistance
  •  documentation support
  •  design and execution of solutions
  •  quality assurance and review activities

Germaine Seah Siew Pei

T: +65 6511 1464

© 2010 Foo Kon Tan Grant Thornton LLP – All rights reserved