IT and data protection consulting

IT systems are becoming increasingly complex and are involved in almost every operational business process. Constantly growing demands are placed on their performance and reliability. We therefore carry out targeted IT system audits and mass data analyses as part of our financial statement audits and in the course of separate engagements. A special focus is placed on auditing interfaces and IT controls. These audits are carried out in close consultation between our IT-proficient auditors and our IT experts.

Overview of our services:

• IT system audits in accordance with IDW PS 330/IDW FAIT 1 (both in connection with the audit of the financial statements and as a separate audit)
• IT security audits (IT security policies, data security, authorisation policies, etc.)
• Conduct of mass data analyses (both in connection with the audit of the financial statements and as a separate audit)
• Data protection audits
• Data and interface testing to simulate digital tax audits with the tool used by the taxation authorities
• IDW PS 880 on the auditing of software products at the manufacturer and the issuing of software certificates
• Auditing of compliance with the German proper accounting principles (GoB) in the case of electronic archiving

IT-supported business processes predominate in today’s business world. Rapidly increasing volumes of data are generated and processed. Analysing such volumes at scale takes special data analysis software. Mass data analysis is consequently an indispensable tool in many areas.

We will support you in all areas of mass data analysis.

• Scoping of data relevant for analysis
• Support in data provision/preparation
• Data analyses in the context of financial statement audits, e.g.:
  • Journal entry testing
  • Fraud screening
  • ICS
  • Auditing of interfaces with upstream and downstream IT systems
• Data migration audits when changing IT systems
• Data analyses in the run-up to tax audits, including tax audit simulation

We use various software tools for mass data analysis depending on the task at hand. Specifically for data analysis in advance of tax audits, we use the IDEA tool in conjunction with Audicon’s AIS TAX Audit.

For most businesses, the announcement of a tax audit is a source of worry – in some cases even more so since the introduction of digital tax audits. Areas that previously used to be only sampled are now subjected to comprehensive analysis using auditing software. Such an audit sets the bar far higher than used to be the case in analogue times.

We simulate digital tax audits for you in advance to identify potential risks, which we then discuss with you and help to eliminate. For the purpose, the experts at WirtschaftsTreuhand use the same Interactive Data Extraction and Analysis (IDEA) software as the tax authorities. In this way, we dispel any worries about an impending (digital) tax audit and provide you with a sound basis for assessing the expected results of the audit in advance, allowing you to take corrective action if necessary. You are thus ideally prepared for making future business decisions.

Selecting and implementing ERP, ECM and DMS systems is a complex, resource-intensive and high-risk undertaking for small and medium-sized enterprises. Many projects fall short of expectations or even fail completely. It is not uncommon for them to run over time and budget, with not every function in the specifications being implemented. Processes often operate less effectively after implementation than before.

We will help you specify your functional requirements and serve as your guide to the frequently confusing and complex systems market. We focus on your business processes and treat IT as a source of added value and a factor of production. Our consulting approach is to design the optimum IT application infrastructure for corporate management in cost-benefit terms. We will be happy to support you with our expert knowledge in the selection and introduction of an ERP, ECM or DMS system.

The EU General Data Protection Regulation (GDPR) entered into force on 25 May 2018 and has brought many challenges for companies, associations and public agencies. The GDPR affords individuals the right to decide for themselves how their data is used. Customers are becoming increasingly aware in this regard and want to be informed about how companies process their personal data. The implementation of data protection is increasingly a quality criterion against which companies are measured.

Can you answer your customers’ questions about how their data is processed? Is your company equipped for an audit by the data protection regulator?

We provide consulting services on data protection in business geared to mid-sized companies and practical needs.

• GDPR check-ups – an efficient means of assessing GDPR compliance in your business on the basis of check lists and interviews
• Support for your in-house data protection officer or appointment of an external data protection officer on our team

We use our expertise to help you develop your data protection organisation. Implementing the legal requirements on data protection and incorporating them into business processes for our clients is part of our everyday work. We also provide suitable training to ensure awareness among your workforce.