DES is known for its professional Auditing services which are carried on systems to reassure it’s clients that the system meets the following checklist items:
Functionality – The functionality meets the initial and growing company requirements
Security – The system is secure in terms of access and audit trails
Stress Tests – The system is able to sustain future data requirements
Quality Assurance
Reporting – the system produces relevant management reports
The results of the assurance process are a report of findings of the applications strengths and weaknesses as well as recommendations on the tests carried out.
Application development audit: This will ascertain the adequacy for various risks during this process, which will include:
- Adoption of inappropriate SDLC for the System
- Inadequate controls in the SDLC process
- Inadequate adherence to the chosen SDLC
- Inappropriate technology and architecture
- Inadequate quality of the application system
- Performance criteria not being met
- Insufficient documentation
- Management of change
Application controls audit: These are controls embedded in business process applications. They ensure accuracy and completeness of records and the validity of entries made in the transactions and standing data. Application controls are a sub-component of the entity’s business controls. The integrity of data is directly related to the sufficiency of the controls under which the data are gathered, processed, stored and reported. Our focus will be on controls embedded in the application over the processes used to initiate, authorize, record, process and report relevant information. This include, among others:
- Identification and validation controls
- Access controls
- Controls that enhance integrity of information such as validation and edit checks
- Controls that enhance the confidentiality of information
- Controls that enhance the availability of the application and the relevant data
- Error handling controls
- Log management
- Reporting controls
Processing audit: Processing controls ensure that processing is accurate, complete, timely, authorized and auditable. In addition to application controls that relate to input processing, we employ our qualified professional resources to undertake a thorough examination and testing of logical computations as performed by the application for processes identified and prioritized by the client in order to provide a reasonable assurance that the application does what it is intended to do. In auditing the application’s processing capability, we will be guided by 4 principles namely consistency, accuracy, validity and reliability.
Compliance audit: In compliance audits, data security remains a central theme. We are aware of the requirements to comply with a number of government and industry-specific regulations for purposes of safeguarding the confidentiality, integrity, and availability of electronic data from information security breaches. To this end, we carry out the following in order to provide independent assurance of regulatory compliance:
Identify and document pertinent regulatory requirements
Asses whether both the organizations management and IS functions have considered the relevant external requirements in making plans, setting policies, standards and procedures
Review internal IS department documentation that address adherence to laws applicable in industry. Determine adherence to established procedures that address these requirements