Information Technology Risk Services

View this page in: Türkçe

Özkan Kıvanç

Information Technology Risk Services Leader

Follow the change with us

Factors like rapidly changing technology, variable customer requirements, regulations, competition, and agility bring enterprises face to face with new risks and in constant need of change.

With a team of professionals who are experienced, expert in their field, results-oriented, and can access information and best practices instantly as members of a global network, we provide you with a wide range of technology services to help you attain your strategic business targets and maintain supporting, measurably value added, industry specific, tailor made information technology solutions. You can review the details of our services below.

Services

Information Technology Governance Services

Information Technology Governance Consulting Services

If you want your information technology processes to comply with international standards, you must choose and apply the most appropriate international governance framework for you.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • with IT organisation, architecture, processes, control, and comparison of other IT structures within the universally accepted IT governance frameworks (COBIT, CMMI, ISO38500, ITIL, Val IT, Risk IT);
  • by presenting recommendations for selection of the appropriate IT governance framework;
  • with compliance of your company's current IT processes and controls with internationally accepted IT governance frameworks and assessment of process maturity levels according to these frameworks; and
  • with optimization of IT costs and resources, preparation and follow up of a roadmap to increase and assess the benefits and added value provided by IT, and to establish IT governance.

Information Technology Strategy Services

To realize your business strategies and reach your business targets it is highly important to define information technology strategies and targets in compliance with these strategies and targets.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • define and improve your IT strategy so that it directly contributes to your business targets and requirements and is in compliance with your business strategy,
  • ensure that your business technologies comply with your business needs and adapt easily to the rapidly changing business environment,
  • reassess the role and value of information technology in your company and review its role in your value-added and competitive power,
  • increase the efficiency and productivity of the interaction between information technology and business processes, and
  • review the current IT architecture and identify improvement possibilities in accordance with IT strategy.

Information Technology Performance Management Services

Assessment and management of information technology performance are two of the most important tools to ensure you make the most of information technology and achieve your goals.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • ensure the value of information technologies is understood and assessed properly,
  • identify clear and measurable key performance indicators (KPI) and criteria,
  • lay the foundation of a performance management process and system for information technology,
  • measure and follow up information technology performance at the process and control levels and service or system layers, and
  • report on and integrate performance results with the other management processes.

Information Technology Service Continuity Management Services

Costs incurred due to an interruption in your activities may seem insignificant compared to the affect of this interruption on your reputation.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • understand your information technology service continuity requirements and identify your priorities with a business-effect analysis accordingly,
  • develop a plan and improve competency regarding business and information technology continuity with corporate information technology service continuity planning which focuses on your business priorities and considers your partners and outsourcing, and
  • develop your current emergency and disaster recovery plans so that these plans take your business requirements, the regulations you are subject to, and global standards (e.g. BS 25999, ISO 22301) into consideration.

License Review and Software Asset Management Services

You need to develop a software asset management process to manage, control, and protect the software assets owned by your company in the most effective way.
We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • as part of a license review process, collect information regarding your software assets using automated tools, and confirm the originality and compliance of the software purchased and licenses in use through comparison;
  • identify maturity levels and improvement steps through software asset management assessment; and
  • achieve step by step improvement regarding software asset management assessment and management of software investments in a way that avoids under-licensing or over-licensing and find the most appropriate licensing model by updating current agreements.

Governance, Risk, and Compliance (GRC) Services

You need to develop a GRC structure to improve business performance in your enterprise, meet comliance requirements by focusing on the right goals, organize the control environment, and ensure effective resource/process management.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • assess your GRC structure within the scope of best practices and PwC GRC methodology and identify a roadmap;
  • develop a framework comprising all GRC processes (for example, risk management, internal control, audit, compliance);
  • eliminate extra process and function work by ensuring a simple and focused organisation; and
  • assess and adapt GRC tools so as to enable corporate GRC activities in the organisation including
    • application of GRC technology strategy and roadmap,
    • optimisation of GRC technology tools, and
    • support for GRC technology tools.

Information Technology Audit and Compliance Services

It is important that your information technology processes and controls are audited by independent auditors in order to evaluate how you comply with laws, regulations, and standards and to ensure you do not face any punitive action.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • assess compliance between your IT structure, processes and controls, and IT governance frameworks and standards CobiT, ITIL,CMMI, and ISO27001 in terms of business goals and requirements;
  • identify and improve weak points at the design and operation levels for IT processes and controls;
  • review provisions of law, regulations, and agreements your company is subject to;
  • if your company operates in a sector which is subject to inspection as per law, perform independent audit of the compliance of your IT structure with the legislation of regulatory institutions like the Banking Regulation and Supervision Agency, Information and Communication Technologies Authority, and the Undersecretariat for Treasury; and
  • provide support regarding how legislation changes affect your company's IT structure.

Information Technology Assessment Services

Assessment of the suitability and measurability of information technology platforms, provision of system integration, and definition and review of benefits and costs arising from platform consolidation are significant in the acquisition and merger process.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the ways noted below.

Before merger and acquisition transactions:

  • assess the current situation and the risks related to information technology before the closing of pre-proposals or proposals.

After merger and acquisition transactions:

  • analyse and define information technology plans and strategies, costs, investments, and metrics;
  • define and assess organisation and IT governance;
  • smooth the process of system integration and data transformation; and
  • offer support on licence and agreement issues.

Project Management and Assurance Services

Project Risk, Control, and Assurance Services

You can respond to changing market demands on time if your company changes and transforms constantly. This transformation is possible only with successful projects.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • with independent assessment of transformation, including supply management from the beginning through the end of the project keeping globally accepted project management standards in mind,
  • with project assessment services regarding the identification and management of project risks, and
  • with review of supplier contracts and services levels in terms of risk and service efficiency.

Project and Portfolio Management Tool Selection and Process Design Services

Companies which are successful in project management support the project management process by choosing or developing project and portfolio management systems appropriate for their organisation structures and business models.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • select the best project and portfolio management tool which is compatible with your organisational structure and business model to make the most of your current or planned investments;
  • identify your company's project management needs and provide recommendations regarding commonly used project and portfolio management tools from our team which is specialised in project and portfolio management systems;
  • during the implementation process, provide competent and sufficient support services through cooperation with supplier firms, assessment of the tool in place with regard to company needs, and provide support services related to the integration of project and portfolio management tools; and
  • design the authorizations on the project and portfolio management tool in accordance with the tasks, good practices, and legislation you are subject to (if any), and identify them in a way that does not pose any operational risk.

Project Management Office and Project Management Process
Implementation and Assessment Services

To have an efficient project portfolio to reach business and information technology goals, the project management office (PMO) which assumes the responsibility for project portfolio management jobs should support management in selecting the right projects and taking the right investment decisions.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • after a review of the current structure of your organisation, determine the best place in your organisation for the PMO and prepare job descriptions;
  • analyse the company's project portfolio and the constitution of the PMO communication and reporting mechanism; and
  • assess the maturity level of the current PMO and your project management standards using PwC methodology, and identify areas of improvement.

Project Management Advisory Services

Successful management of projects and programs which are getting more and more complex every day seems to be impossible without a team of experts competent in their field.

We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • identify areas of improvement in your current project management practices by using PwC's project management approach, which is in accordance with internationally accepted project management standards and frameworks (for example, PMI, Prince2); and
  • develop the best project management methodology so that you can reach your business and project goals and provide direct project management support for your complex and strategically important projects with our experienced project managers.

Data Services

Data Assurance Services

If you have difficulties analysing the fulfilment of your performance goals and expectations, making predictions about the future, and taking decisions, this means you need to communicate significant information to your managers using the right analysis methods.
We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • assess data assurance and reporting methods used to reach information,
  • assess business intelligence methods supporting your company's decision making mechanism and design of intelligent reporting infrastructure,
  • assess and comment on metrics developed in line with the company's performance goals,
  • carry out data assurance and make solution suggestions,
  • implement data assurance techniques for problems which occur in certain fields, and
  • assess and develop data loss prevention (DLP) processes.

Data Quality Assessment

The right information should be present with the right meaning in the right format at the right time and in the right place to meet business process requirements.
We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • develop processes regarding data accuracy and integrity,
  • prepare roadmaps to improve data quality,
  • develop processes to follow data quality,
  • assess and improve controls to ensure that data is stored appropriately,
  • assessment security controls regarding places where data is stored, and
  • assessment controls to ensure data is stored in the right place,

Data Transformation and Testing Services

Data transfer and transformation projects which do not focus on business unit and project needs and lack efficient management methodology are destined to fail to meet your business needs.
We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • manage end-to-end data transfer life cycle,
  • understand business unit needs and expectations regarding access to data with a new technical structure,
  • project management of data transfer projects,
  • develop and assess data transfer processes,
  • review agreements regarding data transfer activities which have been signed with third parties,
  • test the accuracy and integrity of data transferred, and
  • provide detailed testing of data related to critical business processes through sampling.

Data Governance Services

In today's constantly changing business world, companies have to make decisions faster than ever before. In order to make faster decisions, you should be able to access the right information in an instant.
We, PwC Risk Assurance Services, as information technology risk experts, can help you in the following ways:

  • identify organisational responsibilities;
  • create policies, procedures, and standards;
  • identify data ownership;
  • create a data classification scheme;
  • create a data glossary;
  • develop controls to ensure data security; and
  • prepare reports regarding the design and follow-up of key performance indicators.