Secure and trustworthy IT underpins every organisation. IT internal audits help reveal weaknesses, reduce risk and ensure compliance with regulatory requirements – a preventative investment that keeps your IT under control.
Common Challenges Our Clients Have Faced – And We’ve Helped Solve
How to establish an effective IT internal audit framework
How to meet regulatory obligations with proportionate internal effort
How to prepare for and pass external audits and inspections
How to effectively test IT processes and controls
How to use audit results to strengthen IT governance and risk management
How to ensure independence and objectivity of Internal Audit
How to implement regulatory requirements efficiently
How to identify key IT and cyber security risks
How to address the most significant IT and cyber risks
How to track remediation and ensure timely implementation
How We Help
References
Audit under the Czech Act on Cybersecurity / NIS2
We designed an audit plan in accordance with the Czech Act on Cybersecurity (ZoKB) and mapped it to the company’s internally defined risks. Based on meetings with company representatives and document review, we assessed compliance with the individual sections and articles of the Act. We assigned a severity and a recommendation to each non-compliance, including a timeline and priority. All findings and recommendations were discussed with Internal Audit and the auditees.
DORA Gap Analysis (including relevant RTS)
We mapped the requirements of the DORA regulation, including the relevant regulatory technical standards (RTS), and divided them into logical units and areas of the client’s internal controls. Through interviews with selected employees and documentation review, we described the current state and compared it with the state required by the regulation. For the identified gaps, we set priorities and an action plan, and we also calculated maturity across the five basic DORA domains.
Risk Analysis Review
We reviewed the risk analysis methodology according to the requirements of DORA and the related RTS. We checked the client’s risk analysis, including the completeness of identified risks, and verified the proposed remedial measures and their status. The output was a final report in accordance with DORA and applicable legislation.
COBIT-based Process Maturity Assessment
Using the maturity model of the COBIT framework, we assessed selected IT processes. After discussion and presentation to the company’s management, we defined the steps needed for the company to reach the desired level of maturity in the selected priority processes.