Our team has been built up over a long period of time and predominantly includes staff, who have qualified and worked in technical IT roles and have subsequently been trained as IT and security auditors. This is unique amongst professional services firms – our staff are not internal auditors trying to understand IT and technology – they are technical IT people who have been as auditors.
Our team has the right combination of skills, experience and credibility required to support your organisation. Our team brings proven experience in the co-ordination of large, technically complex, high value and volume IT and security audit assignments. We understand technical application and infrastructure controls and are credible in our interaction with ICT staff and members of the audit committee, internal audit or compliance functions alike
We employ Institute of Internal Audit (IIA) standards in the performance of our internal audit assignments and ISACA (COBIT), Prince 2 (project management) and ISO27001 (security). As members of the IIA and ISACA, these standards form a core part of our IT and security audit methodology. We understand how to apply and these standards in practice rather than just theory.
Our team includes chartered accountants, system engineers, infrastructure specialists, CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), CFIP (Certified Forensic Investigation Practitioner). We employ a specialist team of SAP auditors.
We maintain an internal IT and security audit testing lab facility within Mazars and all staff are required to spend 30% of their time in training and the use of this facility and ensuring that their technical knowledge and practical IT and security audit skills remain current and reflect best practice.
Our IT audit and security services include:
- Outsourced IT audit
- Co-sourced IT audit
- External IT audit support
- Data analysis and interrogation
- IT audit and security
- IT infrastructure audit
- Penetration testing and vulnerability scanning
- IT risk management
- IT forensic support
- Data protection audit
- Third party standard compliance audit