Statement for markets

IT Audit

Information systems strengthens an organisation’s financial and operational processes. In this field of increasing IT infrastructure demands, persistent IT security threats, constantly changing business conditions, and compliance with legislation and regulation that disrupt the business operations, organisation’s need for IT and information assurance is vital. Our IT Audit services were built to address concerns in company’s operations, processes, and systems. We create business solutions that can help your organisation mitigate the risks to support the company and its business objective, promote efficiency and effectiveness, and improve IT internal controls. This can include understanding of the organisation’s strategic, operational, reporting, and compliance of the company’s IT investments to improve IT governance processes, IT risk management, and strengthen security. Our services focus on identifying and assessing IT-related controls, review of IT processes, and information systems including Financial Reporting and Accounting Systems.

Our team also conducts IT audits as part of the financial audits which helps the organisation manage and respond to risks. This plays a critical role in helping the audit team and our clients understand IT risks and how it impacts the business and financial reporting. This cover IT General Controls, IT Application Controls, Data Migration reviews, Journal Entry testing of different systems ranging from leading ERP Systems such as SAP, Oracle, Unit4, Sage, Microsoft Dynamics, and NetSuite, to in-house applications created by the clients.

 

CASE STUDIES

Service: IT Audit in External Audit

Our IT Audit team can assist the audit team by providing assurance that the systems and applications used for the financial statements reporting are securely controlled and the related risks of error and fraud are minimised. By utilising the experience, we have built-up from advisory engagements, we assist the audit team with the understanding of complex ERP systems and specific industry processes to quickly identify key controls and understand where risks are most likely to exist. We can support the audit team to help identify the key controls within a client’s business such as banking, insurance, manufacturing, gaming, payment institution, etc.

Service: Third Party Assurance Review (SOC)

Our team can help clients in obtaining service auditor reports against ISAE3402 and SSAE 16 frameworks. We can assist you in understanding and enhance awareness and communicate the implications of a service auditor report. We  can then facilitate  the identification of in-scope control objectives and associated control activities before performing a gap analysis and present several type 1 and type 2 ISSAE reports for the different parts of your business.

Service: MGA System and Compliance Audit

Our team can conduct system and compliance audit as part of the Malta Gaming Authority (MGA) licensing requirements and compliance review aimed at ensuring that operational and business controls are effective in terms of the on behalf of the MGA, for whom, we are approved System and Compliance Auditors.