Cyber and IT Risk Audit Firm

Cyber and IT Risk Audit Firm

Audits, Assessments and Assertion Testing

We’re a UK firm of Chartered Accountants. Our cyber and IT risk team is led by a Partner who is a Chartered Member of the Institute of Internal Auditors (CMIIA).

Many of our team are Certified Systems Auditors (CISA) qualified.

We typically work with:

  • Growing mid-tier and SME businesses
  • Charities and not-for-profits
  • Government departments and NGOs

Cyber and IT Audit Scope

Our IT risk management service:

  • Will review your critical technology against:
    • The National Institute of Technology (NIST) Cyber Security Framework
    • ISO 27001
    • Cyber Essentials
    • Good practice standard
  • Benchmark your data analytics and provide assurance as to how well your current IT risks are being managed

Cyber and IT Audit Reviews

Our audits can include:

  • Cyber governance, strategy and incident response planning
  • Internal audits of IT General Controls (ITGCs) and system access management
  • Third-party and supplier cyber risk reviews
  • Data loss prevention and endpoint security control testing
  • Technology risk reviews focusing on system reliability, change management and disaster recovery
  • IT project assurance: including system implementation and post-go-live reviews
  • Technology strategy alignment with business objectives and regulatory expectations
  • Reviews of IT service management and operational resilience (e.g. based on ITIL or COBIT)

Cyber and IT Audit – How We Help

We’ll work with you to build a trusted partnership by:

  • Understanding and then analysing your challenges to identify their causes
  • Providing practical advice tailored to your specific needs
  • Helping you embed a culture of continuous improvement

Enabling you to improve your decision-making.

Cyber and IT Audit Project Delivery

Our cyber and IT audit service will:

  • Deliver on time and on budget
  • If required, commence projects rapidly – we currently (September 2025) have staff available.
  • Work flexibly as:
    • A fully outsourced service
    • A co-sourced service (allocating work between us as required)
    • An ad-hoc/one-off service. We’re often able to complete ad-hoc services within 1–2 weeks of your go-ahead

IT Management Sector Experience

We bring 20 years of IT experience at the national and mid-tier company level, working across:

We have in-depth experience in:

Corporate/CommercialPublic Sector
 Banking Local Government
 Financial services Central Government bodies
 Insurance Emergency Services
 Retail Non-Departmental Public Bodies (NDPB)
 FintechEducation
 Listed CompaniesAcademy Trusts (Single and multiple academy trusts)
 UtilitesFurther Education (FE)
  EnergyHigher education (HE)
Not for Profit/Charity 
Third sector clients 
Non-Governmental Organisations (NGOs)

Technology Risk Management Staff Resources

  • We’re a full-service firm of UK Chartered Accountants with 90 staff.
  • We’re based in West London and have several offices. Our services are available in the UK, as well as in the United States, the Middle East, and the European Union.

Technology Risk Team Partner

Thanzil Khan BA CMIIA FIoL

Risk and Technology Assurance Partner

  • BA Hons Accounting & Finance
  • Chartered Member of the Institute of Internal Auditors (CMIIA)
  • 20+ years of experience in internal audit, risk management and governance advisory
  • Supports corporate/commercial, public sector, and not-for-profit clients
Thanzil's full profile

Next Step

Contact us to relieve your risk headache. You’ll be pleased you did.