IT audits are like regular audits: the better control you have over supporting documents and documentation, the smoother the audit process will go.
That's why it's important that you have IT policies and procedures for information security in place and that execution is high on the to-do list.
When you first get a declaration, the declaration process may be preceded by a maturation phase. You may have some sound processes in place, but they may not be written down or the execution well documented. Here we are ready to guide you on the right path.
In the following years, you will get to the declaration process faster. However, there is more focus on proving and documenting that your processes and controls have worked during this period. A strong declaration therefore requires an ongoing focus on information security management throughout the year.
The declaration process always concludes with a review of our observations, recommendations and comments.
The declaration process itself typically takes 3-4 weeks, depending on how many resources you as a company can make available along the way.
In general terms, the process works like this:
1. Clarification
We'll discuss your needs and clarify which type of IT auditor's report is right for your business.
2. Preparation
Together with you, we get an overview of the materials. What relevant policies, procedure descriptions, etc. do you have that we can read and review? And is there anything that should be implemented before we start the actual declaration work?
3. audit
In the audit process, we review material and documentation for your controls and procedures. During the process, there will be 2-4 audit meetings where we review questions and requests. The meetings take place either physically at your premises or digitally.
4. Declaration
We issue a statement describing the controls we have tested to provide a high level of assurance
5. Supervision
An IT auditor's certificate always has an expiration date and therefore needs to be renewed regularly. Usually it's once a year. We'll agree when it suits you best.
Read more about IT auditor statements:
At inforevision, we draw on knowledge and experience from a wide range of industries. But our starting point is always the reality of your business.
We are ready to discuss with you how we can best approach the task. Our goal is to ensure high quality and an efficient process with a minimal drain on your resources.
If you want to know more about the different types of declarations, what they require and how they can improve safety and quality in your business, contact us for a no-obligation sparring session.
We are always ready to meet. Let's have a no-obligation conversation about what you and your business need and what we can offer. Just fill in the fields in the form and we will contact you shortly.
You are also welcome to call or email: +45 39 53 50 00 / info@inforevision.dk
Managing partner, state authorized public accountant
+45 21 71 99 87 fa@inforevision.dk
Partner, State Authorized Public Accountant
+45 61 60 28 60 msj@inforevision.dk
Partner, State Authorized Public Accountant
+45 26 27 82 48 mdj@inforevision.dk
Partner, State Authorized Public Accountant
+45 24 21 15 71 jr@inforevision.dk
Partner, State Authorized Public Accountant, HR Director
+45 21 71 99 08 sm@inforevision.dk
Partner, State Authorized Public Accountant
+45 21 71 99 80 vd@inforevision.dk