Information Security Services

Information Security has developed into a “Business and Governance” challenge. One that is exacerbated by the increasing reliance on technology and the internet. While the internet has increasingly been providing means to simplify business and reach global markets, it has also provided criminals with new resources for posing serious threats to organizations and society in general. Exactech provides services that help organizations manage this challenge and achieve the desired ROI from various technologies adopted.

A summary of our Information Security services is as shown below:


The main purpose of these services is to provide assurance through evaluation of IT controls within the information systems environment, to ensure system security, usability in terms of the organizations business function, the reliability of data generated by information systems and support the assertion that systems operate as intended and that output is reliable.

Audit Coverage

Our review of the IT General Controls investigate key areas within the IT environment, such as the following:

  •      IT Governance;
  •      IT Security;
  •      General Controls;
  •      Application Controls;
  •      Change Control;
  •      Access & Physical Controls;
  •      Security Controls;
  •      Program Development and Implementation;
  •      Backup & Disaster Recovery; and
  •      End User Computing.

Audit Methodology

The main features of our audit approach are:

  • Risk-based: Our audits are continually targeted at inherently high-risk areas where the design of controls is found to be strong during the risk analysis and our plan on determining with reasonable assurance, whether controls are operating as intended;
  • Controls-orientated: Understanding controls from management’s perspective and identifying the most cost-effective approach to compliance testing. This enables us to design an audit program, which focuses on key controls; and
  • Objective driven: Focusing on process objectives and strategic objectives as designed by management.

For more information on our IT Audit services, please contact us at info[at]