We will show you how to achieve compliance with the relevant regulations efficiently and secure your corporate environment. Together, we will set up processes that protect your data and your company’s reputation.

 

 

Common Challenges Our Clients Have Faced – And We’ve Helped Solve

How to navigate IT and security regulations and standards

How to implement regulatory requirements as simply as possible

How to manage the risks and security of your suppliers

How to address the most significant risks associated with IT and cyber security

How to secure data

Which regulations apply to you and to what extent

How to successfully pass IT and IT security audits

How to secure the capacity to achieve compliance with regulations

How to implement new technologies and innovations in the context of numerous regulations

How We Help

References

Internal IT Audit under the Act on Cybersecurity

We designed an audit plan in accordance with the Cybersecurity Act (ZoKB) and mapped it to the company’s internally defined risks. Based on meetings with company representatives and documentation review, we assessed compliance with the individual sections and articles of the Act. We assigned severity and recommendations to each non-compliance, including a timeframe and priority. All findings and recommendations were discussed with the Internal Audit function and the auditees.

GAP Analysis under the DORA Regulation (including the relevant RTS)

We mapped the requirements of the DORA Regulation in detail, including the relevant Regulatory Technical Standards (RTS), and divided them into logical units and areas of the client’s internal controls. Through interviews with selected employees and a review of documentation, we described the current state and compared it with the state required by the regulation. For the identified gaps, we set priorities and an action plan, and we also calculated maturity across the five basic DORA domains.

Assessment of the Maturity of Selected IT Processes under the COBIT Framework

Using COBIT’s maturity model, we assessed selected IT processes. After discussion and a presentation to the company’s management, we defined the steps needed for the company to reach the desired level of maturity in the selected priority processes.

SOX IT Audit

In meetings with selected company representatives, we went through individual (business) processes and identified automatic and semi-automatic controls already in operation. We proposed additional controls that the client should implement or optimise to better achieve control objectives. Within the defined systems, we tested general IT controls and the completeness/reliability of selected key reports produced by the systems and used by management in decision-making.
