Elevated audit of technology services
BDO’s IT centre of excellence provides IT audit & assurance, IT advisory, data analytics and technology business services to both the private and public sectors.

As information systems are now used in even the smallest entity, automated business processes introduce both opportunities and risks to large and small organisations - hence the need for a careful assessment of risks and controls.

The opportunities
The speed at which organisations across the globe have embraced the use of information technology (IT) during the past 20 years is evidence enough that the business, government and non-profit sectors have noticed the opportunities that come with the use of automated systems. With the term ‘computer system’ we also include the use of sophisticated networks, databases, the Internet, e-commerce functions, enterprise resource planning (ERP) systems, mobile applications and more.

Where used properly, information systems have elevated effectiveness and efficiency in organisations. For example, medical scheme administrators have realised the power and benefits of electronic data interchange (EDI) claim submissions. As a result, large South African schemes process most of their claims electronically today – without any human involvement. Higher accuracy in claim assessments and a smaller staff component count among the benefits experienced by these institutions.

The risks
Unfortunately, there is a downside to any opportunity, namely the inherent risks associated with the opportunity. Along with the opportunities that the use of IT systems brings, come the risks. A risk poses the threat of damage and loss to a business and, by the same token, IT risks have the potential to cause damage to, and loss of, automated systems and data, as well as, eventually, the business or organisation.

The final impact of any risk that has materialised is profit erosion. An e-commerce web site that has been hacked would, for instance, result in negative publicity. Negative publicity leads to customer aversion, customer contraction, less sales and ultimately less profit. IT risks should therefore be identified and controlled. Manual and automated controls should be implemented to prevent or detect the occurrence of identified risks and minimise the damage and loss of occurred risks.

Our services
BDO’s services are not only designed to help clients capitalise on IT opportunities, they also address all the relevant IT risks by evaluating the effectiveness of their manual and automated controls – in order to reduce the occurrence and impact of potential risks.

ITC Brochure