IT CONTROL
ASSESSMENT

At MONDIAL, we understand the critical role IT Risk Management (ITRM) plays in optimizing your organization's risk posture.

Mastering IT Risk in a Dynamic Landscape: How MONDIAL Can Help

The IT Risk Management (ITRM) has to operate as a distinct, but integrated function within the IT. Aligning the IT Risk Management (ITRM) with other risk oversight functions such as internal audit, enterprise risk management, and compliance, as well as with regulatory mandates, is an important element in more effectively ensuring that risks are optimised and this is what MONDIAL specialises in.

We understand the complexity of the business environment and we design the IT Risk Management (ITRM) Framework taking into consideration numerous forces, whether external such as regulatory, geopolitical, or market-driven, or internal such as new products, acquisitions, or IT implementations.

  1. Data Privacy and security compliance
  2. Web application security review
  3. ERP/IT Infrastructure and Access Control Review
  4. Review of IT Security covering Physical, Logical and HR Control
  1. Review of ERP (SAP, Oracle, Infor LN / Baan, SunSystems, MS NAV, CRM Solutions, Operational Solutions, HR and various local ERP?s) for business control configuration
  2. SOD Analysis and creation, documenting mitigating controls
  3. Security and Control on custom developed applications

Benefits with our ITRM:

  1. A holistic process for assessing the controls and aligning the IT Risk Management (ITRM)  with the overall risk management framework.
  2. Map business strategy to IT risk strategy to define appropriate IT risk appetite and tolerance.
  3. Our effective IT Risk Management (ITRM) framework would assist in establishing a risk aware culture and methods of working and collaborating to take appropriate action.
  4. Our coordinated approach to IT Risk Management (ITRM) enables information flow and a clear understanding of the risk domains within IT.
  5. Develop and implement mitigating strategies to ensure cost-effective controls.