Risk Management :
•assisting clients in developing their risk profile and designing a strategy to mitigate the risks

Internal Audit :
•Internal Audit Transformation: enhancing the contribution of the Internal Auditor to continuously improve company performance
•Strategic Partnering and Staffing: formulating the right mix of resources that includes utilization of tools and applying standard
•Vendor and Outsourcing Audits: assuring reliability and dependability of business partners
•Fraud/Forensic Investigations: preventive, detective and corrective action in respect to fraud
•Establishment of Internal Audit Function: Audit Committee, Audit Strategy, Work Plan, Deliverables, and Resources
•Internal Audit Quality Assurance: Review Internal Audit function within the organization
•Internal Audit Quality based on BI Regulation: PBI 1/6/1999 SPFAIB (Standar Pelaksanaan Fungsi Audit Intern Bank Umum)

Information Technology (IT) Governance :
−Establish IT scorecards to support the business goals/vision and strategies
−Establish or re-engineer a client’s processes against international and local standards/best practices, such as:
−ITIL for IT service management
−ISO/IEC 27002 for Information Security Management (ISMS)
−Sarbanes-Oxley Act (SOX)
−PRiNCE2 for project management
−BI regulation regarding PBI 9/15/2007 – Implementation of Risk Management in the Use of Information Technology by Commercial Banks
−BI Circular Letter No. 9/30/DPNP - Risk Management in the Use of Information Technology by Commercial Banks
−BI regulation regarding PBI 11/11/2009 – Alat Pembayaran Menggunakan Kartu (APMK)

Enterprise Security :
−Establish an IT security function based upon international standar/ best practice
−Assisting in preparation for ISO 27001 certification and audit
−Security health check against NIST 800-53
−Assisting compliance towards PCI DSS (for Payment Card Industry)

Systems Controls and Effectiveness :
−Checking controls outside and within the “IT Box”
−Control Objectives for Information and related Technology (COBIT)
−Setting up surveillance systems to immediately mitigate control weaknesses

IT Systems Management :
−Checking controls against ITSM or ITIL standard
−Assisting in preparation for ISO 20000 certification and audit

Business Continuity Plans :
−Assisting in preparation for Business Continuity Management System (BCMS) certification and audit (BS 25999-2)
−Emergency response and evacuation plan
−Safety and security operations manual (in compliance with OHSAS 18001)
−Redundancy and recovery site establishment:
−Avoiding single point of failure in building support infrastructure, e.g. electrical cabling, water and fuel supplies
−Site selection and site support requirements, e.g. food, water, medical supplies and temporary accommodation

Information Communication and Technology (ICT) recovery plan:

−Emergency communication
−IT disaster recovery plan
−Periodic testing, drill and training

IT Project Management :
−Quality assurance for system development
−Vendor Selection i.e. ERP, Core-Banking, IFRS, etc
−Data cleansing, integrity checking and migration
−Change management controls

Vulnerability Analysis: conducting vulnerability and penetration testing for clients’ systems

IT Audit covering the high level assessment of:
−IT governance
−Enterprise security
−Systems controls and effectiveness
−Business Continuity Plans
−IT Project Management

Independent Reviewer for BEI (Bursa Efek Indonesia) requirement:
−Remote Trading
−Online Trading
−Backup Remote Trading Application
−For all independent review are required by BEI

Quick Contact

  • Head Office
    Puri Imperium LG31
           Jl. Kuningan Madya
           Jakarta Selatan 12980
  • Send email
  • P: +62-21-8370-8899
    F: +62-21-2948-6766