Organisations rely on technology and IT services, but the trust placed in technology is constantly under threat. Data privacy, cyber-security, cloud implementation and third-party assurance, along with ageing IT infrastructure and applications all pose challenges for business continuity.

These new and evolving IT risks must be addressed by well-designed and carefully implemented controls. This is crucial to minimise the risk of regulatory failures, negative reputational impact, financial losses and loss of critical services.

We work with you to understand and manage risks in your existing IT services, as well as helping to avoid pitfalls when adopting new technologies. Our team help keep information assets secure and ensure that your systems and controls are operating effectively. As technology evolves, we continue to invest in new services, skills and control frameworks. For instance, we were the first big four firm to build an artificial intelligence control framework.


Our technology and IT risk services

Technology and data assurance

We help you understand technology risks and how to effectively manage them, providing re-assurance to provide stakeholders. We help you to meet your corporate governance responsibilities.

Our services include IT Internal Audit, Technology Risk Management, Business Systems Controls, Supplier Risk Management, Shared Service Assurance and Operational Resilience.

Assuring technology change

Our team has extensive experience in assuring technology change programmes. We bring methodologies and frameworks combining years of experience in delivering successful technology change programmes.

Our services include Independent Programme Assurance, IT Due Diligence, IT Strategy and Emerging Technology Risk.



We help assess cyber security and data privacy risks. Our team can help design, test and implement controls required to protect against security breaches, including accidents and cyber-attacks.

Our services include Cyber Strategy, Cyber Defence Services, Privacy, and Identity and Access Management.