Please note…

You are now on the ey.com New Zealand site. To return to the ey.com United States site or other country site, click on the New Zealand (English) link on the upper right of this page, and select your preferred country site.

x
Skip to main navigation

IT risk and Assurance - Ernst & Young - New Zealand

IT Risk and Assurance

Our IT risk and assurance professionals help organisations address the challenge of managing IT risks in a way that is in line with their business strategy. With extensive experience in this arena, our teams draw on in-depth technical and IT-related risk management knowledge from our global organisation to help our clients and their stakeholders gain confidence that their organisation’s key IT-related risks are identified, understood and managed effectively.

We offer tailored services, covering IT risk assessment and management, security and privacy through to review of controls over specific enterprise resource planning (ERP) systems and third parties. We identify the right way to work with you and offer services via independent outsourced or teaming arrangements, to supplement internal functions or provide objective guidance and challenges.

Our professionals provide independent, impartial assistance in IT and across the business, bringing insights from our work with commercial and government organisations, as well as knowledge of industry leading practice, regulation and financial audit requirements.

Our primary IT risk and assurance services include:

Our primary services are all supported by the following key competencies:

  • Program management
  • Strategic direction
  • People and organisation
  • IT advisory
A highway through the forest

A risk-based approach to segregation of duties

This May 2010 publication, from our Insights on IT risk series, provides clear guidance on a sound risk-based methodology that integrates IT and financial controls, resulting in an approach that is both manageable and cost effective.
Business man talking on the phone

Countering cyber attacks

Traditional methods of providing security are not enough to protect against "Advanced Persistent Threat" attacks. Organizations should consider measures to detect and react to successful attacks.
  

Top privacy issues for 2010

Top privacy issues for 2010 details updates on privacy concerns, with developments of the ongoing changes in the privacy and data protection landscape.
Doctor Looking at X-Ray

Approved Statement on Standards for (SSAE) No. 16

Planning for the new service organization reporting standards (Jan 2010) summarizes the key elements of the new standards and identifies specific actions that organizations should take to prepare for them.

Outpacing change

Threats are growing, of nearly 1900 executives polled, 41% of respondents noted an increase in external attacks and 25% of respondents witnessed an increase in internal attacks. Learn more about our 2009 Global Information Security Survey (pdf, 1.2mb).

Laura Bueno

Contacts

Find your nearest Global Advisory contact.

sand dunes with fence

New information technology is both friend and foe

Explore the 2010 Global Information Security Survey

In a world of anytime, anywhere access to information, traditional security efforts are not enough. Our survey explores the risks and obligations you face to keep information secure.

Top privacy issues for 2010

Every organization that handles personal information — whether consumers, customers, employees or business partners — faces many obligations related to privacy and protection of information.
Back to top