Information Technology (IT) System Assessments

Information technology (IT) system assessments help companies understand risks related to their technology use and identify potential internal control gaps prior to an IT system upgrade or implementation.

The team

Edward Campbell
EY Americas Technology Risk Expanded Assurance Leader
Photographic potrait of David Hinds
David Hinds
Senior Manager, Technology Risk, Ernst & Young LLP

An EY IT system assessment conducted during the initial phases of technology adoption or system upgrade helps identify potential business control and regulatory risks while assessing data integrity. By proactively recognizing gaps and taking measures to address identified risks, organizations can enhance transparency and build confidence in a new or upgraded IT system prior to its implementation.

IT system assessments help management secure an independent view of its risk, controls and data before and after an implementation — leading to more transparency and confidence in the new or upgraded technology system.

EY Technology Risk IT system assessment services are conducted before and after upgrades or during system implementations including:

  • Enterprise resource planning (ERP) assessments (e.g., subledger, general ledger and financial data processing assessments)
  • Consolidation tool assessments
  • Governance, risk, compliance (GRC) and identity access management (IAM) program readiness assessments
  • Human resources system assessments

A typical IT assessment for an IT system upgrade and implementation consists of five essential steps:


The IT System Assessments team

Edward Campbell

EY Americas Technology Risk Expanded Assurance Leader
Experienced IT risk professional. Avid traveler. Enjoys skiing in the winter and summers at the beach.
San Francisco, CA, United States

David Hinds

Senior Manager, Technology Risk, Ernst & Young LLP
Experienced technology audit professional committed to helping build confidence in technology adoption. Love traveling, spending time with family and friends and our dog. Husband and new father.
Detroit, MI, United States

Our latest thinking

How organizations are turning risk into resilience

Survey shows organizations are highly focused on turning risk into resilience with governance and assessments. Read more.

Daryl Box + 1

Why technology implementations call for proactive risk assessments

Technology risk management practices help identify, address and mitigate IT risks. Learn more.

Edward Campbell

Technology assurance: assess risk, build trust and create resilience

Three actions to build confidence, transparency and resiliency while managing technology risk now and into the future. Read more.

Daryl Box + 2
    Contact us
    Like what you’ve seen? Get in touch to learn more.

    EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.