Businesses are facing increased risk and compliance demands related to Information Technology (IT) - from investment decisions, standardization of infrastructure and services, automation / business transformation initiatives, to a shortage of skilled resources.

IT is an integral part of any organization and plays a vital role in both private and public organisations. In the aftermath of the pandemic, the value of leading-edge technology became evident as businesses and government entities increased investments in Cloud solutions and collaboration tools to ensure that their employees could remain connected, and to optimally service their clients. With the increase in the use of IT, the associated complexities and risks have increased too.

Minimize risk, maximize predictability and execution

To fully understand and effectively act on the range of risks across your company, you need to rely on comprehensive skills and experience with access to the latest knowledge and leading practices. We help our clients understand their IT risks, and we assist in addressing risk in both proactive and responsive contexts. We deploy our diverse pool of controls professionals, compliance specialists, security professionals, and risk consultants with industry depth to meet the complex requirements of our clients. We work with our clients to provide the optimal team and resource structure to accelerate program execution. Our goal is to ensure we start with the benefits-realization objective to drive the most effective and value-enhancing engagement model for our clients.

Our clients choose Grant Thornton because:

  • they receive the best of both worlds: global coverage through our international network and an agile and flexible service delivery by our local experts and specialist technical partners, responsive to the needs of individual organisations.
  • they receive advice from a team who have deep technical expertise with a robust, commercial outlook. We understand that IT underpins an organization’s ability to run operations efficiently, without exposure to unacceptable and unnecessary risk.

Our services include:

IT Audit

We help our clients to understand how well they are mitigating their technology risks, through thorough audits and assessment. These services include:
• IT general controls reviews
• Application controls reviews / pre and post implementation reviews
• Programmes / projects assurance
• Data analytics
• Control self-assessments

IT Advisory

We help our clients with the governance of IT and to ensure that business and IT is aligned, risk appropriately managed and that the value from IT investments is realized. These services include:
• IT strategy
• IT risk, governance and compliance
• IT sourcing and service provider management
• IT operations
• Disruptive technologies and digital transformation
• Automation and cloud computing
• Solution design
• Programme / project management services
• IT / technology due diligence for Mergers and Acquisitions
• Information management

Cybersecurity Advisory

We help our clients with protection over their most valuable assets, such as data and intellectual property. These services include:
• Cyber strategy
• Cyber risk governance and compliance
• Third party cyber risk management
• Cyber defense and security operations
• Identify and access management
• Data privacy and data protection
• Cyber security testing - pen testing and red teaming
• Cyber incident handling, response plan and data recovery
• Device monitoring, security and digital forensic in event of data breach

Strength of our experts


Certified Information Systems Auditor (CISA)

Certified Information Systems Security Professional (CISSP)

Certified Ethical Hacker (CEH)

Certified Network Security Specialist

Certified in the Governance of Enterprise IT (CGEIT)

Information Technology Infrastructure Library (ITIL)

Certified in Risk and Information Systems Control (CRISC)

ISO / IEC 27001 Information Security Associate

Certified Application Security Engineer (CASE)

Network Security Expert (NSE) 2 - Network Security Associate


Commonly used operating system and database technologies

  • SQL

Data analytics and reporting

  • IDEA
  • ACL

ERP systems

  • SAP
  • SAGE

Technology analysis

  • RAPID7

Please note that the lists / examples provided are not exhaustive. Our experts regularly engage in strengthening their skills and familiarising themselves with the latest trending developments to ensure that our clients receive world-class IT audit and advisory services.