IT assurance is the foundation upon which many organisations ensure that their IT environment is operating effectively, providing certainty that information required for important decisions is reliable, confidential, secure and available.

We provide a number of different types of IT assurance engagements including:

	IT general control (ITGC) reviews which typically focus on network, operating system, database, and application security controls; programme and change management controls; and IT operational controls.
	Application control reviews which assess how valid, reliable, timely and secure input, processing and output is at all levels of a system's activity.
	Project reviews which examine IT projects such as systems development, migration or implementation projects to see if the key project risks are considered and managed in accordance with accepted standards for systems development
	Third party assurance reviews (which often include business processes as well as IT) to ensure that risks are managed effectively and that the impact of third party activities on operations and management statements and representations are understood by management. These reviews can take the form of SAS70, AAF or ITF reports as appropriate. In addition, clients should start considering the potential impact of the new international standard, ISAE 3402.

Our IT assurance services focus on identifying risks and identifying or assessing the activities in place to help reduce or mitigate risks. These services are delivered by a team of experienced professionals well versed in IT governance frameworks such as Control Objectives for Information and related Technology (COBIT®) to help ensure proper control and governance over information and allied systems.