IT Application Audit | Access Management and Database security

Client Needs & Objectives

Our client, one of the leading financial cooperatives in North America, mandated us to perform an audit of their access management and database security for check and cash clearing applications.

The objective of the IT audit was to:

  • Evaluate the systems and processes in place that related to authentication, access management and database security.
  • Define and assess risks and controls related  to a company’s information assets.
  • Ensure processes are in compliance with IT-specific regulation, internal policies and standards, and industry best practices.

Our approach

  • Developed a comprehensive Risk and Control Matrix and evaluated the identified risks based on COSO risk framework
  • Gathered relevant sources of information to conduct design and efficiency testing of existing controls: departmental policies, standards and prior audit workpapers
  • Created design and effectiveness tests for each control
  • Conducted interviews with process users and owners to obtain an understanding and walkthrough the key processes.
  • Assessed the residual risk levels of inadequately designed or executed controls
  • Communicated findings with key stakeholders and management and accompanied them to set action plans for remediation of ineffective controls
  • Delivered a report including control and testing documentation, as well as the action plans agreed upon by the accountable parties

Client Benefits & Main Results

  • Independent review and understanding of the risk environment related to our client compensation applications

  • Development of a Risk and Control Matrix for the audited processes

  • Assurance on the design and effectiveness of access management and database security for the audited applications

  • Results of the audit helped bank to proactively address any residual risks relating to the inadequate design or the ineffectiveness of the controls

Scroll to Top


After 13 years of a wonderful journey, alongside talented colleagues and valued clients, it is time for Chappuis Halder & Co. to begin a new adventure as Capgemini Invent.


As thinkers and doers, we have supported clients around the world and have consistently invested in expertise to provide thought leadership and deliver impactful projects related to Finance, Risk and Compliance ESG, Business development and Organization transformation, Data, Tech, and Cybersecurity.


Joining forces with Capgemini Invent presents an extraordinary opportunity to accelerate and go above and beyond as a global team to “Seize the full potential of financial services”.

Our journey continues as