(IT Audit)
INTERNAL IT AUDIT
AND CO-SOURCING SERVICES
Our comprehensive internal IT audit and co-sourcing services are designed to provide a thorough evaluation of your organization's information technology systems, encompassing a meticulous assessment of IT general controls (ITGCs), IT application controls, and technical platforms. This rigorous review enables us to identify potential vulnerabilities, optimize system performance, and ensure compliance with industry best practices and regulatory requirements.
IT General Controls (ITGCs)
A set of broad controls designed to ensure the overall security and integrity of an organization's information technology (IT) infrastructure. They provide a foundation for safeguarding information assets and preventing unauthorized access, modification, or disclosure.
Key areas covered by ITGCs include:
- Network security: Controls to protect the network infrastructure from unauthorized access and attacks.
- Systems development and maintenance: Processes for developing, testing, and maintaining IT systems to ensure security and reliability.
- IT operations: Procedures for managing day-to-day IT operations, including monitoring, maintenance, and problem resolution.
- etc.
Key areas covered by ITACs include:
IT Application Controls (ITACs)
specific controls implemented within individual applications to safeguard the integrity and security of data processed by those applications. They complement IT General Controls (ITGCs) by providing a more granular level of security within specific software systems.
Technical Review over Various Platforms
A quality assurance process used to compare a product, system, or process to a set of predefined standards or benchmarks. This type of review helps ensure that the product or system meets industry best practices or standard baselines.
Key areas covered by technical reviews over various platforms e.g., Windows Server, UNIX, AS/400 include:
IT COMPLIANCE AUDIT
- Notification No. Sor Thor. 38/2565 on Rules in Detail on Establishment of Information Technology Systems
- Notification No. Nor Por. 7/2565 on Guidelines on Establishment of Information Technology Systems
- Notification on Guidelines for the Oversight and Management of IT Risks in Life/Non-Life Insurance Companies, B.E. 2563
- e-Policy (Aor Wor. 3) - Attesting to the security of the information system through an independent auditor
- Notification No. Sor Nor Chor. 1/2564 and Sor Nor Sor. 21/2562 on Criteria for Supervising Information Technology Risk
- Notification No. Sor Nor Chor. 6/2561 on General Guidelines for the Oversight of Regulated Payment Service Businesses
MakeWebEasy- Home Home
- About us About us
- Our Services Our Services
- Our Experiences & Articles Our Experiences & Articles
- Contact us Contact us