IT governance (COBIT)
I. IT governance
With the help of the IT Governance Check, BDO inventories your current situation regarding IT governance, IT risk and IT compliance. The result is an assessment of the current situation with regard to internal and external requirements. The inventory is made on the basis of your previous organisational and documentation structures.
After discovering the actual situation, we collaborate with you to develop a package of measures that will put you in a position to meet all requirements.
II. IT risk analysis
BDO offers its customers and clients an approach that illuminates all critical areas in IT in a first step in order to identify weaknesses and to define tailored solutions.
A company’s legal representatives are responsible for achieving corporate objectives in accordance with corporate business policy.
The IT processes and IT systems deployed are critical to achieving these objectives. Appropriate arrangements need to be made to manage the risks that are inherent in the use of IT in the following areas of IT:
- IT strategy/IT environment
- IT organisation
- IT infrastructure
- IT applications
- IT-based business processes
- IT monitoring system
- IT outsourcing/contractual arrangements
- Internet use
To do this, an appropriate internal control and management system needs to be set up, thus ensuring effective protection of the company’s assets and the legal representatives.
We support you in your objective of improving or establishing an appropriate monitoring and control system with an inventory and risk analysis of the stated IT areas (see also establishing an internal control system (ICS) in line with current standards). Our recommendations are based on standards proven in practice, COBIT (Control Objectives for Information and Related Technology), ITIL (IT Infrastructure Library) and other national (e.g. IDW standards, Institute of Public Auditors in Germany) and international standards (e.g. SOX, Sarbanes-Oxley Act).
III. Risk management system
Capable accounting systems are indispensable for controlling and monitoring business performance. Board members and managing directors need timely, reliable and meaningful information to be able to reach decisions and provide leadership.
BDO evaluates the security and reliability of these systems and processes and supports its clients in the establishment of effective risk management.