IT GRC (Information Technology / Governance, Risk Management and Compliance)

Information systems are among an organization’s most vital resources, and it is essential to protect and secure them.  IT managers face daily challenges and must also meet many regulatory requirements.  Our firm has the requisite knowledge and oversight experience combined with IT expertise.

Ben David Shalvi Kop’s IT GRC Department is a multidisciplinary unit that integrates accounting and information systems.  Synergy between these specialties allows for full and comprehensive service in IT oversight.

  • Auditing via information systems – development and use of computerized information systems in order to perform an audit on large data bases.
  • Auditing of information systems – checking system attributes, work processes, and reviews of accounting information systems; examining interfaces and processes concerning information systems

The IT GRC Department specializes in providing an overall accounting and engineering response for all IT inspection areas.  The department includes accountants experienced in information system auditing together with IT, industrial and management engineers with substantial experience in the fields of systems engineering and development, managing complex projects and IT oversight.

Ben David Shalvi Kop works in cooperation with an engineering group that has developed an innovative methodology which has been successfully applied in the Israeli Air Force and in the field of transportation.

Services extended by the department:

  • Checking effectiveness of built-in control in a system – prevent, identify and uncover irregularities; check the existence and quality of inspection paths, authorizations for systems use, and data protection.
  • Examining the system’s development, maintenance and function in relation to user requirements
  • Defining policy and specifying IT work procedures
  • Development of IT systems, from initiation to system specifications, development, checks, and culminating in its being incorporated into the client’s operations
  • Identifying, mapping and managing risks in the IT environment and specifying the scope and level of control that are necessary in light of these risks
  • Monitoring and auditing numerous IT projects
  • Hardware and software maintenance and security.
  • Checking effectiveness of control in accordance with ISOX regulations including Inspector of Insurance provisions for IT management, instructions for data security management, and standards for securing defense-related information

Team of managers:

Efrat Badichi – CPA, Simon Kadusi