A financial institute in Hong Kong

Size100+ Employees

Service
IT Audit and assessment based on Hong Kong SFC Ordinance.

Challenge
Major turnover in IT department. Room for improvement in policies, procedures and guidelines for IT governance and internal controls. Projects delayed. Highly concern on data security. Many outsourcing vendors for different IT services.

Our client has been reviewing their IT governance and has urged us to secure their company’s productivity in case of any turnovers. Our customized scope targets not only on IT policies and guidelines, we have also targeted on internal and external network monitoring, budget planning and IT project management. 

Solution
Identified network security vulnerabilities and provided technical recommendations. Evaluated and commenced internal and external controls security devices. Assess ongoing projects including Document Management System and Workflow System to provide project management’s consultation advisory, including project progress, budget, and timeframe.
 
Result
Through a series of interviews and onsite visits, our audit team together with our technical specialists issued a technical report on our findings with both short-term and long-term solutions on higher priority issues, such as network security. Our client was able to imply our short term solutions as a precaution immediately.

Furthermore, acknowledging the operation and positioning of their IT department, an IT handbook was constructed containing IT policies, guidelines and standards, including:
 •    IT Management Policies (including Jobs Functions and Segregation of Duties)
 •    IT Security Policies
 •    End User Guidelines
 •    Vendor Management and Outsourcing Guidelines, etc.

Follow-up
After our assessment and in-depth analysis of the operation procedures, Ringus provides a customized quarterly IT audit package including continuous consultations and ongoing IT assessments.

Moreover, as an independent IT consultancy, our team evaluated the costs of IT projects with the ever-changing market prices and provided a budget report evaluation.

Benefit
A management report concerning all the related IT issues was produced in a way that the management of our client can easily understand the content. Then they can based on the report and make appropriate decisions to improve the situations.

On the other hand, a customized IT handbook containing policies and guidelines was established in order to help our client to achieve a result of better utilizing resources, securing data and network in compliance with IT governance.

Our client was also provided with a budget report evaluation that revealed the costs of IT project in comparison of current market prices for their management proceedings on ROI analysis.