LucaNet Consulting.

Within the scope of a risk-oriented auditing approach, IT system audits or the IT audit is an essential component of the audit of annual financial statements. The objective of the audit is an assessment of the error risks, that is to say, the risk of a significant error in the IT system, to an extent that it is relevant for accounting. IT systems relevant for accounting are related not only to financial accounting, but also, for example, to merchandise management, payroll accounting, and online banking systems. We do not limit ourselves only to conclusions, but also systematically point out vulnerabilities. In addition, we will provide you with valuable impulses for increasing efficiency and effectiveness in the existing IT business processes and IT-related business processes (organizational, technological and operational).

subject areas.

• Conducting IT audits under IDW PS 330, 331, 850, 951
• Certification of software products (software certificate IDW PS 880)
• Certification of service-related internal control systems (IDW PS 951, ISAE 3402)
• Preliminary check for audits (data media transfer)
• Audit outside of the annual financial statements
• Examination of authorization concepts
• Conducting security checkups (Security Alliance / BSI)
• IT compliance
• IT reports

With our analysis software (IDEA), which is also used by the tax authority within the scope of business or tax audits, we are in a position to import, structure, and analyze large quantities of data, and in so doing, discover structural errors or attempted fraud.

subject areas.

• Data preparation
• Journal entry testing (JET)
• Process mining (SAP processes)
• IT investigations for cause, among other things, due diligence, insolvency law, labor law, IT forensics

Complex data protection requirements according to the EU General Data Protection Regulation make the situational requirements for companies unclear. We review all of the procedures surrounding data protection for our clients and the appropriateness of the respective data protection environment.

subject areas.

• Conducting a process analysis
• Developing recommended actions

services.

• Data protection Quick-Check
• Evaluation of the principles, procedures and measures in accordance with the EU General Data Protection Regulation and the Federal Data Protection Act (IDW PH 9.860.1) [Institute of Public Auditors in Germany, Incorporated Association, IDW].

 

In center stage of IT due diligence analysis are risks and potential for improvement in the areas of IT infrastructure, IT business operations, assessing the degree of digitalization—potential for post-merger integration. IT due diligence ensures that the synergies in these areas are estimated realistically and fully. The investigations provide an overview over the existing strengths and weaknesses of the operative areas of the company, including their effects on the key financial figures. In addition, they furnish approaches for measures to be taken after concluding the transaction.

subject areas.

• Guidance in IT consolidation within the context of post-merger integration
• Red flag report
• IT spot analysis
• IT benchmarking

services.

• Quick check
• Data analysis
• IT interview sessions
• IT risk analysis
• IT red flag report
• Determination of IT performance level

Reliable and efficient IT organizations require individually adapted IT governance structures. We will support you in achieving your IT goals and as a result, your business goals.

services.

• Design, optimization, and implementation of IT service frameworks, for example, according to ITIL, COBIT.
• Strategic orientation of the IT organization towards business requirements, definition of clear roles, responsibilities, and decision-making channels between IT and business.
• Conducting assessments and audits following international reference models and standards, as well as branch-specific regulatory requirements.
• Identifying clear measures and recommendations for action on IT restructuring.