IT and data audits

Identifying your present position through strategic steps

Digital is an integral part of every company and identifying its present condition is a critically important process when facing the realities of the 21st century. This demonstrates your readiness and weaknesses in terms of regulation and industry, as well as creating ideas about tactical steps to achieve your strategic goals and take opportunities for transformation.

Our IT and data audits include a comprehensive and detailed investigation of IT infrastructure, systems and systems management around security issues. Based on globally recognised standards and frameworks – ISO, ETSI, COBIT, CMMI, PCIDSS, OWASP, MK442, MK445, FKTK, LB – we will help you determine your present position at industry, national or global level.

 

Information and communication technology (ICT) compliance and audits

Today, information systems (IS) play a key role in ensuring the operation of critical business and government infrastructure. In the era of digitalisation, using critical IT systems for information storage, processing and transmission complicates their protection, especially given the global trend with growing numbers of information attacks that cause a significant loss of funds, property and reputation. To efficiently protect against cyberattacks, companies need an objective assessment of their IS security level – it is for these purposes that we encourage you to use our security evaluation and audit services.

Evaluate your cybersecurity capabilities using PwC’s security analysis service:

  • IT security documentation analysis for regulatory compliance
  • User access and rights analysis
  • End user workstations analysis
  • Network equipment and IT security systems analysis
  • Threat identification
  • Data processing and information leakage analysis
  • Analysis of attacker’s behaviour during attack
  • Network security check using vulnerability scanners and a pentest (an authorised cyberattack simulation)
  • Preparing and improving your IT security documentation
  • Devising a plan for final reporting and eliminating weaknesses.

 

Data discovery and structuring

With most of today’s work being done remotely, companies often use cloud platforms where file sharing and storage is the norm. This poses a challenge for companies needing to know exactly where their sensitive or regulatory data is located and what kind of data it is (structured or unstructured). We also need to understand who is working with this data and who is accessing it, and whether your company needs this data, with more questions that are sometimes even impossible to answer.

Given the mutual compatibility of today’s business processes, data is held across multiple systems, apps, databases and shared files, making their protection, authentication and confidentiality a challenge for companies. Data discovery, classification and efficient management are a range of services designed to fully identify corporate data and ensure appropriate controls are in place to implement best security practice and regulatory compliance measures. This also helps companies choose more efficiently the right systems for data protection and avoid future data leakage incidents and unauthorised access incidents.

PwC data discovery and structuring experts will help you answer all these questions:

  • Where is your data and what kind (structured, unstructured, Cloud etc)?
  • What value does data carry?
  • Can you trust your data?
  • What happened and why?
  • What could happen next?
  • Is knowledge transferred to the right people at the right time?
  • What are your data analytics processes?

 

Process and infrastructure notation

We cannot imagine today’s business developing without IT. The IT infrastructure in companies is no longer a simple system for supporting corporate operations. It has become a comprehensive and essential part of day-to-day operations and a key driver of success in the future. The IT process and infrastructure notation planning process involves defining and clarifying the IT role in your organisation, as well as identifying necessary IT systems, software and processes. We also consider the workforce that is necessary for successful business IT development.

PwC Process and Infrastructure Notation service focuses on solutions that can improve the quality and cybersecurity of your corporate services and even optimise the cost of your IT operations:

  • Notation of the present and future condition of your processes based on BPMN
  • Data categorisation and notation of data flows to provide an improved understanding of IT resources and insights into systems analysts’ day-to-day work
  • Notation of IT architecture, network infrastructure schemes and network segmentations, providing answers about connections between systems and demonstrating the criticality of your resources
 

Contact us

Kristaps Zarins

Kristaps Zarins

Manager, Cyber security and privacy services, PwC Latvia

Tel: +371 67094400

Baiba Apine

Baiba Apine

Director, Head of IT Consulting, PwC Latvia

Follow us