Auditing, Assurance and IT Consultancies
Dominican Company Guzmán Tapia PKF International has the Department of Audit and Consulting in Information Technology (IT) has over 20 years of experience of its International Consultants IT in banks and prestigious companies in Latin America, with staff Certifications international valid worldwide as CISA, CRISC and COBIT ISACA and CISSP and ISO 27001 Information Security.
The work carried out by our international consultants is based on methodologies and standards such as COBIT, ITIL, ISOs 27001, 27002, 27031, 22301, 12207, 9126, CMMI, PMBOK, PRINCE2, IT Governance and using Software Audit ACL, IDEA, among other internationally recognized.
Guzman Tapia PKF International offers you the following services:
Audit of the CYBERSECURITY (according to the 2nd resolution of the CENTRAL BANK dated 11/01/2018 authorizing the publication of the Cybersecurity and Information Security Regulations) (New)
Evaluate the development, implementation and maintenance of the Cybersecurity and Information Program that seeks the integrity, availability and confidentiality of information, and the optimal functioning of information systems and technological infrastructure. Likewise, we evaluate the adoption and implementation of practices for the management of Cybersecurity and Information Security risks.
Systems Audit to the Administration, Planning and Organization Management Systems / Information Technology.
Evaluate the strategy, policies, standards, procedures and practices related to administration, planning and organization Management Systems / Information Technology practices.
Audit Systems to the Technical Infrastructure and Operational Practices
To assess the effectiveness and efficiency of the implementation of the technical infrastructure and operational practices in the current organization and management to ensure that adequately support the business objectives of the organization.
Audit System to Protect Information Assets
Assess the Control Environment and safety systems to ensure it meets the business requirements of the organization to safeguard information resources against unauthorized use, disclosure, modification, damage or loss.
Audit Systems Development, Acquisition, Implementation and Maintenance of Business Application Systems.
Assess the adopted methodology and processes for the development of application systems, acquisition, implementation and maintenance, to ensure that the business objectives of the organization are achieved.
Audit Information Security Systems.
Evaluate the logical and physical to ensure confidentiality, integrity and availability of information and systems security.
Systems Audit to Disaster Recovery and Business Continuity
Evaluate the process of development and maintenance of Business Continuity Plans and Disaster Recovery Plans, documented, communicated and tested for performance and continuity of business operations, in case of contingencies.
Analysis of 100% of the database information and sales / billing
Identify potential sales manipulated in its unit price, amount charged or date of sale or other column / field.
Run by stratifications sales analysis by product, date, vendor or another column / field.
Perform calculations and recalculations sales price to identify changes in unit prices or improperly collected amounts.
Detection of Missing Sales.
Duplicate Detection Sales.
Detection sales items or eliminated.
Missing Invoices detection.
Duplicate detection Invoices.
Detection sales in outside office hours (in case of the respective transaction time column).
Detection sales made by staff who is not seller (if you have the respective column of item names or seller).
Sales unposted detection.
Price change detection in high or low peaks (distortion of the mean).
Recalculating sales commissions and products.
Analysis of 100% of the information and customer database / debts / collections
Recalculation of customer debts.
Customers duplicate detection.
Customers ghost detection.
Detection charges customers uncounted.
Detection miscalculated and accounted charges.
Analysis of 100% of the information and database Stores
Recalculation of stocks (will determine whether opening balances, income and output was manipulated).
Deleted notes detection Income.
Duplicate detection Income Notes.
Top notes detection Removed.
Duplicate detection output notes.
Detection manipulated prices cost.
Identify outputs income or manipulated in date.
Contrasting sample outputs income and physical documentation.
Analysis of 100% of the information and database Purchasing / Suppliers
Identify purchases manipulated in cost price, amount paid or date of purchase or other column / field.
Perform calculations and recalculations purchase price to identify changes in unit prices or amounts paid.
Ghosts Suppliers detection.
Duplicate detection shopping bills.
Analysis of 100% of the information and database Accounting
Crossing information between the accounting entries with sales, billing, debts and purchases to determine the integrity of the information.
Proofs detection Missing
Duplicates Detection Comprobantes
Proofs unmatched detection
Analysis of 100% of the database information and general
Perform crossovers automatic information between one or more tables and databases from different platforms or databases engines
Identify items or unusual transactions through listings exception.
Run analysis by stratifications.
Perform substantive tests
Check calculations linking files, fields and adding certain age balances.
Get listings and totals items, product, dates, date ranges, customer, supplier and other selection criteria.
Browse correlative sequence.
Browse duplication of documents.
Perform tests of details of transactions and balances (interest recalculations, mining sales above a certain value, etc.).
Perform analytical procedures, for example identifying inconsistencies or significant fluctuations.
Carry out tests of general controls
In addition, we do consulting in Information Security and IT:
Development of IT Strategic Plans
Implementation of IT controls as regulatory framework Irrigation Operational SIB.
Preparation of annual work plans IT
Development of Business Impact Analysis (BIA) related to IT
Analysis and Risk Management based IT MAGERIT, NIST or FINE.
Implementation and Certification of Information Security based on ISO 27001 and 27002.
Implementing COBIT, ITIL, CMMI, PMBOK, PRINCE2 and IT Governance
Implementation of business continuity planning (BCP).
Implementation of Disaster Recovery Plan (DRP).
Implementation of alternative sites (Hot Site, Warm Site and Cold Site).
Evidence and proper documentation BCP and DRP
Implementation of Information Security.
Hardware and software implementation of logical and physical security
Development of IT Policies and Procedures.
Penetration Test (Ethical Hacking)
Compliance with Sarbanes Oxley (Sox) related to IT
Awareness courses and seminars on Information Security