Skip to content Skip to footer
Search

Loading Results

IT Risk and Compliance

Optimising risk-driven opportunities

42% of respondents indicate that limitations of their organization's IT systems have a significant impact on their ability to manage risk exposure.

50% of organizations have invested more in IT systems upgrades in response to risk exposure

In today’s competitive business environment, IT systems are critical investments that are essential to running a successful organization. Whether pursuing complex technology transformation, improving operational efficiencies, leveraging data to make insightful decisions, or staying compliant with vast regulatory obligations, businesses are increasingly faced with navigating risks associated with their systems.

 

Key issues

Security of business data in applications

Your organisation's financial and business data is vulnerable if too many people have access to system functionality, if monitoring is poor or if preventive controls are not in place.

Errors can creep into financial and business data and without the right detection and control mechanisms, they may not be found and corrected in time. A security and controls review can help make sure your financial and business data remains accurate, giving you the confidence to make the right decisions.

IT General and Application Controls Review

System Implementation Assurance

Weak controls

Regulators are increasing the pressure on organisations to make sure that their business processes are robust, particularly within finance systems. But this isn’t just about compliance. The accuracy of data and robustness of processes (and the controls around them) are critical to the success of an organisation, whether a regulator actively demands it or not.

Whether you’re implementing a new system and want to be sure that the security and controls are appropriate, or want to be confident that your existing processes and controls are effective, a review of business systems security makes sense. Most internal audit plans cover elements of auditing technology solutions but increasingly, systems security and control assurance demands specific technical knowledge.

IT Governance Review

ERP Assurance

Development of IT Policies and Procedures

IT General and Application Controls Review

Internal Controls Optimization

System Implementation Assurance

Ensuring that IT enabled projects meets its objectives

When you invest in a new system you want to be sure that it starts its life in the best possible shape. That means feeding it clean data, setting out well-defined processes, and rectifying years of poor practice that have built up on legacy applications. But that shouldn't be a one-off exercise.

Our risk-based IT controls review will help protect the integrity of your investment for the longer term. 

System Implementation Assurance

Auditing in the modern IT environment

In an increasingly complex and technical IT environment, internal audit functions can benefit from the addition of key skills and technical insights.

We can provide audit services from highly experienced specialists in SAP, Oracle, Microsoft Dynamics and JDE, and will quickly get to grips with new and bespoke systems.

ERP Assurance

 

Use of technology to optimize processes and controls

Organizations often invest in costly technologies but are not making the most of their investments.

Our controls optimization services helps you identify and replace time-consuming manual controls. Process mining visually reconstructs your end-to-end processes, using your own data, to help you understand how the system works and where the problems are. And when you understand it, you can fix it.

ERP Assurance

Internal Controls Optimization

Use of IT for compliance

Emerging technologies and the increased digitization efforts of organizations also increased the expectation for internal audit and compliance functions to provide value and insights to the business.

With our compliance services, you can have the confidence that the technologies you choose are meeting regulatory and compliance requirements and mitigating any security risks. 

ERP Assurance

Development of IT Policies and Procedures

IT General and Application Controls Review

Having the right IT foundations for the business

Fragmented technology can hold back ideas and prevent your organisation meeting its objectives. If your IT enabled projects are implemented in a standardised way and prioritised well, you can have more confidence that you will achieve your wider business goals.

IT Governance Review

Understanding risk across integrated technology platform

The lack of a common risk language fragments the three lines of defense across the enterprise. This leads to preconceived conclusions and unsound management of risk.

With our IT risk and governance services, we can help your organization integrate risk management across your business units and gain untapped efficiencies with your current resources.

IT Governance Review

Development of IT Policies and Procedures

How we can help

IT Governance Review
  • Aid in aligning IT with organizational goals and strategy
  • Help convert strategic goals into IT projects
  • Aid in project portfolio management, performance measurement and in demand management (demand for IT services by other departments)
  • Optimize IT operations and increase project visibility
Enterprise Resource Planning (ERP) Assurance

Give assurance on ERP systems and improve reliability and functionality at implementation, migration, upgrades and operation. ERP Assurance includes technical configuration review for different application platforms such as SAP, Oracle, JD Edwards, among others.

Development of IT Policies and Procedures Manual
  • Provide clear framework, rules and guidelines for decision-making
  • Provide consistent and clear response in performing control activities
  • Retain institutional knowledge when employee leaves the company


IT Generals and Application Controls Review
  • Improve basic internal controls over IT management practices
  • Benchmark IT practices against global IT framework/standards (e.g COBIT, ITIL)
  • Comfort over integrity and reliability of transactions processed through IT systems

 

Internal Controls Optimization (ICO)
  • Help management assess, remediate and enhance internal control over reporting systems and business processes
  • Review of internal control system and identification of areas for possible improvement

 

 

System Implementation Assurance
  • Project risk assessment to identify key risks and areas for management focus
  • Pre-implementation review of resources, project plans, timelines, central designs, and conversion techniques prior to implementation activities to provide comfort around the project prior to commencement
  • Data migration review for independent testing or data integrity from old to new system
  • Go-live assessment to determine if key implementation activities, including system security and compliance with laws and regulations have been completed prior to cutover of new system
  • Post-implementation review to verify planned outcomes in the earlier stages of the project are in place and operating as intended

 

 

 

Contact us

Maria Rosell S. Gomez

Maria Rosell S. Gomez

Risk Assurance Partner, PwC Philippines

Tel: +63 (2) 8459 3184

Michelle L. Meneses

Michelle L. Meneses

Risk Assurance Manager, PwC Philippines

Follow PwC Philippines

Get in touch with us

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Hide