Information security services

Information Security has developed into a “Business and Governance” challenge. One that is exacerbated by the increasing reliance on technology and the internet. While the internet has  increasingly been providing means to simplify business and reach global markets, it has also provided criminals with new resources for posing serious threats to organizations and society in general. Exactech provides services that help organizations manage this challenge and achieve the desired ROI from various technologies adopted.

A summary of our Information Security services is as shown below:

The main purpose of these services is to provide assurance through evaluation of IT controls within the information systems environment, to ensure system security, usability in terms of the organizations business function, the reliability of data generated by information systems and support the assertion that systems operate as intended and that output is reliable.


Audit Coverage

Our review of the IT General Controls investigate key areas within the IT environment, such as the following:

  •      IT Governance;
  •      IT Security;
  •      General Controls;
  •      Application Controls;
  •      Change Control;
  •      Access & Physical Controls;
  •      Security Controls;
  •      Program Development and Implementation;
  •      Backup & Disaster Recovery; and
  •      End User Computing. 


Audit Methodology

The main features of our audit approach are:

  • Risk-based: Our audits are continually targeted at
    inherently high-risk areas where the design of controls is found to be
    strong during the risk analysis and our plan on determining with
    reasonable assurance, whether controls are operating as intended;
  • Controls-orientated: Understanding controls from
    management’s perspective and identifying the most cost-effective
    approach to compliance testing. This enables us to design an audit
    program, which focuses on key controls; and
  • Objective driven: Focusing on process objectives and strategic objectives as designed by management.

For more information on our IT Audit services, please contact us at info[at]