Paper receipts are a thing of the past. So it is no surprise, then, that annual audits, company audits or internal IT audits also rest to a large extent on IT-supported business processes, IT applications and the IT infrastructure. Our IT Audit & Assurance experts offer you comprehensive support in auditing and certifying your IT systems to ensure the highest security standards and compliance with legal requirements. We furthermore support you with internal IT audits in order to identify and minimise potential risks early on.
dhpg's specialist provide you an expert, system-independent audit. On top of this, we offer you IT compliance audits tailored to your needs to make sure that your systems meet current legal requirements.
We have been supporting owner-managed and family-run SMEs with audits in accordance with the standards of the Institute of Public Auditors in Germany (IDW) for more than 75 years. dhpg has special expertise in IT at its interface with auditing. Each audit team is supported by experienced IT consultants and data analysts. This not only provides an efficient auditing framework - it also generates new insight facilitating forward-looking corporate management.
You won't hear us say: "it depends". Clear answers are our calling card. So you can properly weigh business opportunities and risks.
We see ourselves as your partner - through thick and thin. Positive collaboration on a level playing ground forms the basis for this. From one entrepreneur to another.
Transparent
No manager, no executive is a jack of all trades. Our specialists make things transparent for management. They shed light on areas where action is needed, thus shielding you from unnecessary security and liability risks.
Would you like to get together in a personal meeting? We would be glad to arrange an appointment with you – no strings attached – so we can get to know each other. We look forward to your call or e-mail and to hearing from you.
dhpg will be glad to support you in performing an IT compliance audit.
We carry out audits in accordance with various standards, e.g. the GoBD (generally accepted principles for proper accounting, the General Data Protection Regulation, the ISA's or the IDW auditing standards. In these audits we examine the process as well as internal control system that is used in terms of their appropriateness and effectiveness.
In an annual audit of a client's annual financial statements, we offer the option to have the IT carried out audit at the client's offices, in which the IT system can be assessed with regard inter alia to authorisation management, change management and secure IT operations. The IT audit is based on ISA (DE) 315 (Revised 2019) "Identification and assessment of the risks of material misstatement" (ISA [DE] 315 rev. 2019).
We will also be glad to check your procedural documentation to confirm that it complies with the GoBD. This comes with the option of having your archiving process certified in accordance with IDW PS 860.
Definitely. The IT auditors at dhpg are experienced and certified specialists who usually have degrees in computer science or business informatics or are trained as CISAs (Certified Information Systems Auditors) or as IT auditors IDW. In a comprehensive audit, our auditors look at the IT system and its interfaces, authorisation systems, the internal control system in place, but - and this is even more important - they also look at the control system employed by service providers commissioned by the client to provide outsourced services.
As an element of functional tests performed in the area of infrastructure, dhpg also offers other auditors of annual financial statements and their clients an opportunity to test their own infrastructure or that of their clients by means of a vulnerability test - also referred to as a penetration test. The IT auditor reviews where the company's IT structure is adequately secured or not. The company is then presented with a risk profile and practical recommendations on how to eliminate security gaps going forward.
Due to ever more complex and constantly changing organisational structures and a steadily mounting degree of digitalisation, every company faces the challenge of ensuring that it uses of proper IT systems and IT-supported business processes and has secure IT operations, including a well-developed internal control system. IT certification in accordance with auditing standards such as IDW PS 850, IDW PS 860, IDW PS 880, IDW PS 951 or international standards such as ISAE 3000 or ISAE 3402 can support a company in demonstrating compliance with the required criteria. IT certification carried out by auditors ensures the security and compliance of IT by means of targeted audit measures specified in these standards.