GBQ’s IT audit methodologies are drawn from multiple sources, including Control Objectives for Business & Information Technology (COBIT). COBIT is an IT governance framework and supporting toolset that bridges the gap between control requirements, technical issues and business risks. Other IT Audit and Control Frameworks include:
GBQ adds value by drawing on years of project experience to build custom risk control matrixes for each of our clients. We strive to provide value in our audits by identifying controls which can be automated, and recommend changes to controls which are not deemed to be particularly useful. We understand that control automation can provide greater efficiency as well as effectiveness, and can also reduce the sample sizes required for audit testing.