We help businesses in effectively managing cyber security threats, IT risks, privacy, compliance with regulations, and implementation of key IT Initiatives.

We are one of the leading providers of IT Advisory & Cyber Security Services to diverse industry segments.

Our specialist Service Offerings include:

1. Cyber Security Services
Grant Thornton’s cybersecurity methodology leverages the industry leading recommendations as the benchmark to address your organisation’s cybersecurity requirement.

About us Growth advisors to dynamic organisations, providing robust compliance services and growth navigation solutions. Read more

organisation’s cybersecurity requirement

  1. Identify:
    1. Assess and design cyber security strategy and architecture
    2. Risk assessment for information assets
    3. Assessment and design of cyber security policies and practices
  2. Protect
    1. Data classification and threat profiling
    2. Assessing and managing data privacy classification
    3. Define access controls to IT assets
    4. Developing data protection strategy
    5. Assess agreements with third party, Service Level Agreement (SLA), Operational Level
    6. Agreements (OLA) to ensure adequate level of security
  3. Detect
    1. Perform data privacy reviews
    2. Perform IT risk management and compliance reviews
    3. Perform IT controls assessments / application system controls reviews and infrastructure controls reviews
    4. Perform vulnerability assessments, penetration testing, ethical hacking (including cloud-based installations)
    5. Review and identify technology vulnerabilities and compliance exceptions
    6. Software asset management & reviews
  4. Respond
    1. Develop emergency response plan & team
    2. Develop emergency response processes and coordination
    3. Develop policy and procedure for evidence handling
    4. Perform root cause analysis and manage investigation
  5. Recover
    1. Implement configurations to eliminate identified vulnerabilities
    2. Implement measures for threat reduction, counter-measures, data leakage and breaches
    3. Reassess risk exposure and re-evaluate cyber security strategy
    4. Communicate respective stakeholders of the recovery process and outcomes

Key services during detect phase include the following:-

  • Data privacy reviews
  • IT risk management and compliance reviews
  • IT controls assessments
  • Application system controls reviews
  • Infrastructure controls reviews
  • Vulnerability assessments, penetration testing, ethical hacking
  • Software asset management & reviews
  1. ERP Assurance Services
    1. ERP risk & controls reviews
      1. Security administration review
      2. Privileged access / user access rights management
      3. Incident management
      4. Application security controls review
      5. Review of segregation of duties
      6. User provisioning assessment
    2. ERP Functionality Review
      1. Process & functionality review and recommendations
    3. ERP Project Assurance
      1. Pre-implementation review
      2. Change management review
      3. Controls optimisation
      4. Data migration support
      5. Post-implementation review
  1. Third Party Assurance & Regulatory Compliance Services

    Third Party Assurance  Services
  1. IT Risk & Assurance Services
    IT Risk and Assurance services include review of IT controls for financial reporting, Assessment of Internal Controls around Key Business Processes.
    1. IT general controls reviews
    2. IT Infrastructure security & controls reviews
    3. Application and business process controls reviews
    4. Database security controls reviews
    5. Controls testing for SOX 404 reporting
    6. IT due diligence
    7. Data quality reviews – CAATs, etc.
    8. Internal Control Over Financial Reporting (ICFR)
  1. IT Project & Program Management Services
    1. IT Project Startup Activities
      1. Understand the concerns and challenges and capture expectations of various stakeholder groups for effective IT project Implementation
    2. AS-IS Assessment Interact with the stakeholders to gather expectations from the various services rendered. Key activities include:
      1. Current workflow and business flow / Movement of Information across the organisation
      2. Prepare As – Is Documentation
    3. IT enabled Process Re-engineering
      1. Based on inputs from As-Is” assessment phase, identify processes that can be re-engineered through IT enablement
      2. Derive re-engineered ‘To-be’ business processes.
    4. Vendor Selection and Implementation support
      1. Prepare the RFP
      2. Support in technical and commercial evaluation of the product / vendor
    5. Implementation Planning and Project Support
      We provide assistance during the various stages of the Implementation phase to ensure smooth functioning of the adopted systems.
      1. Project management
      2. Project monitoring and evaluation
      3. Project appraisal
      4. SLA monitoring