IT risk management

The rapidly growing dependence of business operations on IT, together with laws such as Basel II, the Sarbanes-Oxley Act and a number of data security laws, has made IT Governance, Risk and Compliance Management (GRCM) a more frequent subject of discussion for company boards and IT management.

The goal of GRCM is to integrate the IT of a large company into its business activity in the best possible way. The available IT resources are aligned to achieve an optimum in terms of cost, quality and risk.

serima Consulting supports you in the setup and development of GRCM systems (monitoring, control and direction) with the following goals:

  • Optimal utilization, control and direction of IT investments
  • Reduction of legal and financial risks
  • Reduction of risks to infrastructures and projects


Following a risk-based approach, as required by financial auditors and controllers, serima Consulting uses the international frameworks COSO, COBIT and Val IT to identify, evaluate and analyze risks and as the basis for the resulting procedures.