• English (United Kingdom)
  • Thailand (Thailand)

Language Selection

IT Risk & Regulatory Service (IT Audit)

The growth and pervasiveness of IT systems, such as Enterprise Resource Planning (ERP), has increased significantly due to the value they bring with respect to efficiency and effectiveness. However, just as with the implementation of any new system (technical or manual), new risks are introduced. Key assurance areas are, data integrity, data confidentiality, and data / systems availability.

An independent audit verifying that best technical practices (“IT General Controls”) are in evidence mitigates these risks and thus helps assure the reliability of financial statements driven by the data

What is IT governance?
IT governance plays an integral role in overall enterprise governance and consists of the leadership and organizational structures and processes. If properly implemented, they should serve as a complementary function to forward the vision and mission of the enterprise as a whole.

Definition of IT Governance Institute

IT governance (ITG) is defined as the processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals. IT demand governance (ITDG—what IT should work on) is the process by which organizations ensure the effective evaluation, selection, prioritization, and funding of competing IT investments; oversee their implementation; and extract (measurable) business benefits. ITDG is a business investment decision-making and oversight process, and it is a business management responsibility. IT supply-side governance (ITSG—how IT should do what it does) is concerned with ensuring that the IT organization operates in an effective, efficient and compliant fashion, and it is primarily a CIO responsibility.

Definition of Gartner

Why would you want to do an IT audit?
Reasons include:

  • Validating the value proposition of investments in IT systems
  • Mitigating quality issues or questions with respect to information produced by IT systems
  • Verifying internal controls over financial reporting to assure they are designed, implemented, and working effectively

Our services
Our service for IT Audit can be act as internal auditor or external auditor (financial statement audit). We can also conduct an attestation engagement with respect to IT strategy in the areas of asset safeguarding, maintaining data integrity, and effective operations. Technical overviews include IT operation, Hardware, Software, Database, Network, System Development, Information Security, Outsource Vendors, Continuity Plan.

Our services include but not limited to:

  • IT audit services
    • IT General Control Audit
    • Application Control Audit
  • IT Internal Audit & Compliance (Co-/Outsourcing)
  • IT External Audit & Compliance (Co-/Outsourcing)
  • IT Project Advisory

We follow the Control Objective of Information and related Technology (CobiT) established by Information Systems Audit and Control Association and IT Governance Institute (ITGI)

For further information, please feel free to contact us:
Email: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
+66 2 729 0593
Name: Parichard Tangngoen

<< Back to our services