IT audit and assurance

Our team of experts can independently assess the maturity of the IT environment prior to a certification or IT assurance (SOC/SOC2) audit and advise clients on achieving compliance with best practices or specific regulations.

Our experts have experience in numerous IT projects in various industries, both in the Czech Republic and abroad. They also inform clients about what regulators and auditors require during certification audits.

Our IT auditors have knowledge that goes beyond IT, and in areas where detailed knowledge of individual sectors is required, KPMG has sector specialists that it can engage in projects.

We can assist in the following areas:

  • IT audits (including pre-assessment and design of corrective actions)
  • IT assurance audits (e.g. SOC and SOC2)
  • IT risk management
  • gap and impact analysis
  • regulatory and compliance.

An internal IT audit may focus on one or more of the following:

  • access rights administration and management processes
  • programme change processes and management
  • incident and problem management processes and management
  • backup processes
  • business continuity and disaster recovery planning and management
  • processes related to information and cyber security
  • compliance with selected regulatory requirements (e.g. GDPR, Cybersecurity Act, Czech National Bank's prudential decree)
  • audits of suppliers or other third-party IT outsourcing providers
  • data and system migration audits
  • comprehensive audits of key IT processes.