Technology Assurance

This is the age of information. Information technology is improving and expanding its territory every day. Technologies are becoming so vital parts of business these days, it is becoming so difficult to imagine business without technology. It brings efficiency in operations and costs, transparency and reliability. It also enables us to offer new services and products that were never possible before. But, with all these advantages come with risks and challenges. To comprehensively identify, evaluate and manage these risks, we need comprehensive systems audit. For high quality and value-adding audits, businesses need IT audit expertise and experience which they normally do not possess. Here we come to your assistance.







ERP Systems Audit


We deliver comprehensive business applications audit for various platforms to ensure that business gets adequate value from the ERP systems.

  • SAP R/3 and ECC 6 systems audit
  • Oracle e-Business Suite audit
  • IFS / JDE / PeopleSoft systems audit
  • Locally built ERP systems audit, etc.








Telecom Systems Audit


We perform very comprehensive and value-adding audits in different verticals of the telecom sector. We conduct both legal & regulatory compliance audit as well as internal business-oriented audits.

  • Mobile operations (2G / 3G)
  • PSTN operations
  • BWA operations (Wi-max)
  • IGW operations
  • ICX operations
  • ISP operations & IP Telephony
  • Passive infrastructure operators










Banking System Audit


Banks have so many areas of system audit. We can help the banks to perform the following audits.

  • Core banking systems audit
  • SWIFT systems audit
  • Internet banking audit
  • Mobile financial services audit
  • Card operations audit
  • PCI-DSS compliance audit, etc.











Service Organization Control (SOC) Audit


For the BPO service providers, SOC-1/2 reporting sounds like a nightmare. In Bangladesh, we provide the following works for SOC reporting.

  • SOC-1 auditing under ISAE 3402: Type - I / II
  • SOC-2 auditing under ISAE 3000: Type - I / II
  • ISAE 3402 & 3000 implementation advisory for SOC-1 & SOC-2 reporting










System Validation Projects


We undertake computerized system validation projects for Good Manufacturing Practices (GMP), and Good Distribution Practices (GDP) in the areas of:

  • Design Qualification (DQ)
  • Installation Qualification (IQ)
  • Operational Qualification (OQ)
  • Performance Qualification (PQ)










Certifying Authority (CA) Audit


We undertake CA audits of various types. In Bangladesh, CCA has mandated annual external technical compliance audit for CA operators.

  • CA statutory compliance audit based on CCA standards and guidelines
  • CA compliance audit based on Trust Services Principles (TSP)
  • Quarterly internal audit on CA for certificate repertory
  • Semi-annual internal audit on CA operations










IT Infrastructure Audit


We also perform general IT infrastructure and information security audits in the following areas:

  • Data centers w.r.t. TIA 942
  • IT networks, servers & databases
  • Penetration Testing / Ethical Hacking, etc.