Please note…

You are now on the ey.com Middle East and North Africa site. To return to the ey.com United States site or other country site, click on the Middle East and North Africa (English) link on the upper right of this page, and select your preferred country site.

x
Skip to main navigation

IT risk and Assurance - Ernst & Young - Middle East and North Africa

IT Risk and Assurance

 

Our IT risk and assurance professionals help organizations address the challenge of managing IT risks in a way that is in line with their business strategy. With extensive experience in this arena, our teams draw on in-depth technical and IT-related risk management knowledge from our global organization to help our clients and their stakeholders gain confidence that their organization’s key IT-related risks are identified, understood and managed effectively.

We offer tailored services, covering IT risk assessment and management, security and privacy through to review of controls over specific enterprise resource planning (ERP) systems and third parties. We identify the right way to work with you and offer services via independent outsourced or teaming arrangements, to supplement internal functions or provide objective guidance and challenges.

Our professionals provide independent, impartial assistance in IT and across the business, bringing insights from our work with commercial and government organizations, as well as knowledge of industry leading practice, regulation and financial audit requirements.

Our primary IT risk and assurance services include:

Our primary services are all supported by the following key competencies:

  • Program management
  • Strategic direction
  • People and organization
  • IT advisory
Careers

IT Trends: Increasing flexibility through IT outsourcing

The current economic environment is driving many companies to investigate the options available for reshaping and restructuring their IT function. In this article, we look at the potential benefits and risks associated with outsourcing the IT function to a service provider (pdf, 3.1mb).

A highway through the forest

A risk-based approach to segregation of duties

This May 2010 publication, from our Insights on IT risk series, provides clear guidance on a sound risk-based methodology that integrates IT and financial controls, resulting in an approach that is both manageable and cost effective.
Business man talking on the phone

Countering cyber attacks

Traditional methods of providing security are not enough to protect against "Advanced Persistent Threat" attacks. Organizations should consider measures to detect and react to successful attacks.
="Waves crashing at lighthouse, Sunderland, Tyne and Wear, England" altwidth="156">

Top privacy issues for 2010

Top privacy issues for 2010 details updates on privacy concerns, with developments of the ongoing changes in the privacy and data protection landscape.
Doctor Looking at X-Ray

Approved Statement on Standards for (SSAE) No. 16

Planning for the new service organization reporting standards (Jan 2010) summarizes the key elements of the new standards and identifies specific actions that organizations should take to prepare for them.

Laura Bueno

Contacts

Bobby George
IT Risk and Assurance Services Leader
bobby.george@sa.ey.com 

Top privacy issues for 2010

Every organization that handles personal information — whether consumers, customers, employees or business partners — faces many obligations related to privacy and protection of information.
Back to top