Skip to main content

IM&T Assurance

Man using a laptop

Information Governance controls, together with IT processes and controls are key to safeguarding assets, maintaining data security, integrity and the operational effectiveness of an organisation.

We have a team of QiCA and CISA qualified Audit staff who can offer advice and guidance on all aspects of IM&T assurance.

In addition to assessing current computer applications, IM&T Audit consults on the development and implementation of new systems to ensure that internal controls are established and comply with industry standards.  As part of this we have supported NHS Wales in the implementation of a number of national projects including the E-financials oracle business suite and E-Expenses through on-going advice on controls design and formal gateway reviews.

We also undertake specific reviews designed to improve information governance and controls in the following areas: -

  • Information Governance e.g. Data Protection Legislation/Freedom of Information compliance;
  • Records management/ Caldicott Guardian compliance;
  • Strategic management and IM&T Strategy development;
  • IM&T risk management processes;
  • IM&T project management;
  • Information Security and General IT Control Environment;
  • Application and systems controls;
  • Networking and IT infrastructure;
  • Data Quality;
  • Disaster Recovery and Business Continuity arrangements;
  • Compliance with best practice e.g. ITIL/COBIT/ISO27001/Cyber essentials;

We also undertake interrogation of business critical systems using Computer Assisted Audit Tools and Techniques. In addition, we provide a data analytics service which can help an organisation to provide insights to its operations by developing deeper understanding of risks and controls effectiveness.