IT Controls Assurance

Открыть страницу: на русском языке

The IT function represents one of the largest investments that organizations make, both in terms of direct financial spend and ongoing resource commitments. Understanding IT-related risks, successful ERP systems implementations can significantly reduce costs through efficiencies and represent an opportunity to streamline and standardize processes and controls on a global scale. Even with the enormous resources dedicated to implementing and maintaining an ERP, we see many of our clients struggle to build sustainable and compliant accounting and control environments. This often results in very manual, inconsistent, and high-cost control environments. We find that by working with clients during the design and pre-implementation stages of their ERP project, we can evaluate plans and make recommendations before systems go live, when changes are more difficult and more costly.

Issues you are facing Our solutions
  • Challenges of technology and tools implementation;
  • Rapid development of technology and anticipating business changes;
  • Changing of legal requirements;
  • Unauthorised attempts to access confidential data identified;
  • Current system failing to meet internal control requirements;
  • Information system does not meet corporate information security standards.
  • Conducting effective front-end IT risk assessments;
  • Designing effective systems controls;
  • Maximizing configurable controls;
  • Implementing sustainable compliance processes (SoX, J-SoX, euro-SoX);
  • Optimizing control environment (automated vs manual controls): unification, standardization – documentation and application support;
  • Evaluating and designing effective segregation of duties frameworks and mitigating controls;
  • Implementing integrated GRC applications;
  • Delivering ERP audits, and reducing testing time and costs;
  • GAP analysis of information system functionality;
  • Analysis of the quality of information system implementation.


An oil company performed an ERP implementation, without designing an appropriate internal control environment. While the implemented system with a combination of standard and customized functionality, this system was not appropriately mapped to the existing control existing control environment and current business processes.

As a result, the company requested PwC to perform an analysis of its internal control environment in order to more effectively utilize the new ERP functionality. The work included a GAP analysis of the current business process environment and provided detailed recommendations of improving the effectiveness of the control environment through increased utilization of new ERP system functionality.

Client benefits resulting from the engagement were as follows:

  • Increased efficiency of the existing ERP system usage and comfort over accuracy of financial information reports;
  • Transparency of the reporting function providing clear overview of information flows;
  • Increased reliability of management data.


We help clients identify gaps in the internal control environment, conduct IT risk assessments. Additionally, we provide practical solutions as follows:

  • Improve the efficiency of business processes;
  • Increase system automation;
  • Enhance system security;
  • Enable compliance with legal requirements.