IT services as a matter of courseFrom strategy, through IT auditing to security

An auditing company with IT division?

dhpg

dhpg is a consultancy firm with emphasis on

financial auditing, tax and legal advice as well as

insolvency and reconstruction advice. And with

its own IT division.

The progressive digitalisation of business life is accompanied by huge technical, professional and legal challenges for com-panies and service providers. How can IT optimally support the processes in my company and what do I have to look out for in terms of data protection and the year-end accounts? These and other questions now have increased importance for medi-um-sized companies today as important processes are automated using IT systems.

Since 2011, dhpg has been one of the few medium-sized consultancy firms which has its own IT division. Initially only tasked with supporting the accountants during the year-end accounts, the team now offers the complete spectrum from strategy ad-vice through to IT security.

Qualified computer scientists, CISAs (Cer-tified Information Systems Auditors), certified lead auditors for ISO 27001 audits based on basic IT security, IT auditors and advisers, but also professional security testers and auditors make up a qualified advisory service. As a matter of course.

Where that comes from can be explained quickly

2 dhpg

Table of contents TestimonialsIT services and medium- sized businessesServices

TeamContact

45

6

811

Dear Readers,

Let’s be honest: how often have you found yourself in meetings where discussions have been suffocated by IT jargon? In meetings where has been more discussed what is not an option far more than the numerous possibilities?

IT consultancy has to achieve more these days. As a customer you have to and should expect more from a partner: advice on digital business models and processes through to data protection and IT security. Inter-di-visional and integrated. Competent and on a level playing field. Human and comprehensible. And this is exactly what dhpg and their IT services department stand for.

On the following pages you can find out more about our range of services and the people behind them. When will we become acquainted? So that you can personally find out that we are different.

We look forward to it.

Prof. Dr. Andreas Blum and Markus Müller (CISA)

Editorial

3

Testimonials

“We had a competent partner accompanying us in the form of dhpg who quickly familiarised themselves with our IT processes for our specific field as well as with our company’s internal monitoring system. A professional collaboration which has advanced us in process structure and development overall.”

“The dhpg advisers stand out due to fair and competent contact. Pragmatic solutions were even found for critical topics.”

Peter Groß Internal Audit Director OVB Holding AG

Andreas Forster Accountant/Tax Advisor Forster & Partner Steuerberatungsgesellschaft

“Our collaboration with dhpg summarised concisely: high-quality, reliable information with minimal auditing effort for us.”

“The dhpg advisers, with the ‘Trusted Shops’ seal of approval in mind, are a reliable partner for us in their interdisciplinary methods of operation when it comes to respecting current regulations.”

Dr. Björn Momsen Chief Financial OfficerTrusted Shops GmbH

“For three years, dhpg has certified the financial software in oscare® for our customers in accordance with auditing standard PS 880 for software products – in a professional, target-orientated and very friendly manner.”

Tanja Willeke Head of Quality Management AOK Systems GmbH

Michael Fleck Head of ProductionLandschaftsverband Rheinland (LVR)

4 dhpg

IT services

We understand medium-sized businesses

dhpg’s IT services division guides you pro-fessionally and independently of the system used from conception through to imple-mentation for all IT security measures. In doing so you have a stable contact at your side who organises all concerns for you. For questions concerning installation or maintenance, we can fall back on a stable network of partners.

We speak the language of IT consultants as well as the language of non-IT consultants. Our consultants use the most up-to-date methods of analysis in all process phases.

dhpg’s expert team consists of CISAs (inter-nationally recognised certification for the areas of IT security, IT revision, IT risk man-agement and IT governance).

Regardless of which topics we handle in the field of economics, we always have the correct auditors, tax and legal experts who we can turn to for detailed questions.

With us, you are in good hands.

Please contact us.We will gladly support you.

We know the concerns and challenges

of a medium-sized business. Why?

Because we are also a medium-sized

business through and through.

5

Services

An overview of our services

dhpg IT services

IT auditing and advice

IT security, cyber security

IT revision

Data protection

Certification

IT strategies, processes

6 dhpg

An overview of our services

Services

Customised management of IT projects and processes

Analysing existing IT structures Defining a future IT and process land-scape’s target state Producing documentation, manage-ment models and project plans Incorporating business processes, a nd independent system selection Taking over project management IT due diligence

Data protection

Providing external data protection officers

Designing agreements, forms and working procedures which comply with data protection laws

Gap analysis with respect to the EU General Data Protection Regulation Ensuring data security including advice

Data protection audits

Custom-fit certification

Certification in accordance with PS 951 (national) from IDW, fulfilment of the international counterparts ISAE 3402 and SSAE 16 (assured standards of the service-related ICS audit) ISO 27001 certification of advice Proper and secure implementation of certification Modelling and documenting business processes

Individual advice, security concepts and training

Carrying out security tests (e.g. IT se-curity audits, network penetration tests and cyber security checks, including setting up security operation centres [SOC]) Developing and implementing con-cepts for IT security in accordance with DIN ISO/IEC 27001 and basic IT security Creating awareness for your employees in order to increase awareness of IT security IT governance/IT compliance IT revision

IT expertise for internal revisions

Outsourcing and co-sourcing for adherence to compliance regulations Forensic investigations Testing risk management Migration testing Reviewing computer centres

IT auditing in accordance with the standards set by the Institut der Wirtschaftsprüfer in Deutschland e. V. (IDW) as well as in accordance with legal requirements

IT strategies and surrounding fields IT organisation and IT systems IT infrastructure, IT applications and IT business processes Internal monitoring systems IT outsourcing Data analysis Auditing and advice in accordance with the German principles of orderly accounting (GoBD)

7

Prof. Dr. Andreas BlumProf. Dr. Andreas Blum is a dhpg partner and responsible within dhpg for the devel-opment of innovative IT services. He and his team advise companies on all aspects of IT compliance and security. As well as his ac-tivities for dhpg, he is also employed as a regular professor at Hochschule Fresenius in Cologne.

Markus MüllerAs a qualified business data processing specialist, CISA and partner, Markus Müller takes responsibility for dhpg’s IT services division. He is a member of the Information Systems Audit and Control Association (ISACA). He has been a Certified Informa-tion Systems Auditor (CISA) since 2005. An internationally recognised certification in the areas of information system revision, monitoring and security.

Team

Our team introduces themselvesUse the professional expertise of a team which

is established in many different disciplines.

Our experts think in a solution-orientated and

not a problem-orientated way. We will support

you in making your IT future-proof.

8 dhpg

Our team introduces themselves

Joerg LammerichJoerg Lammerich is the Senior Manager of cyber security and takes on concrete technical questions on IT security. In this context, he takes on responsibility for the implementation of vulnerability analyses and penetration tests, the analysis of cyber attacks – particularly in the form of 24/7 data analysis for a service operation centre (SOC) – as well as securing data evidence following a security incident.

René ManzRené Manz is an IT auditor and consultant within the IT services division of dhpg. In this position, he supports national and inter-national companies in the implementation of IT projects and annual financial state-ments. His focus is on questions of internal auditing, verification of legal requirements and compliance with these specifications (e. g. GoBD) as well as analysis of risky company processes through data analyses, IT security analyses and authorization and interface checks.

Fabrice VoigtFabrice Voigt is an IT auditor and advisor (CISA). His main focus is on carrying out certification audits in accordance with IDW PS 880, IDW PS 951 and ISAE 3402 as well as audits in accordance with IDW PS 330 and GoBD, but also interface and fraud audits. Additionally, he carries out IT audits within the framework of internal revision, basic IT security and in accordance with ISO 27001.

Dr. Christian LenzDr. Christian Lenz is a lawyer and oversees the fields of IT and data protection law. In this context, he advises the company on the requirements of the European General Data Protection Regulation. His expertise as an external data protection officer is re-quested in numerous companies.

Team

9

Team

Are you looking for a new challenge? Can you see your-self working in and helping to shape a young team? Excellent! We are constantly looking for new members for our team.

10 dhpg

You can find us here

National and international cooperation

dhpg sites

Nexia Deutschland GmbHwww.nexia.de

Nexia Internationalwww.nexia.com

BonnMarie-Kahle-Allee 253113 BonnT +49 228 81000 0F +49 228 81000 20E bonn@dhpg.de

AachenAdalbertsteinweg 3452070 AachenT +49 241 8874783 0F +49 241 8874783 20E aachen@dhpg.de

BerlinJean-Monnet-Straße 2 10557 BerlinT +49 30 203015 0F +49 30 203015 20E berlin@dhpg.de

BornheimAdenauerallee 45−4953332 BornheimT +49 2222 7007 0F +49 2222 7007 199E bornheim@dhpg.de

EuskirchenCarmanstraße 4853879 EuskirchenT +49 2251 7009 0F +49 2251 7009 50E euskirchen@dhpg.de

Frankfurt am MainLurgiallee 1660439 Frankfurt am MainT +49 69 57005 0F +49 69 57005 190E frankfurt@dhpg.de

GummersbachBunsenstraße 10a51647 GummersbachT +49 2261 8195 0 F +49 2261 8195 199E gummersbach@dhpg.de

CologneErna-Scheffler-Straße 351103 CologneT +49 221 33636 0F +49 221 33636 36E koeln@dhpg.de

MönchengladbachEnscheder Straße 941069 MönchengladbachT +49 2161 27752 22F +49 2161 27752 23E moenchengladbach@dhpg.de

TrierSimeonstiftplatz 154290 TrierT +49 651 2006853 0F +49 651 2006853 60E trier@dhpg.de

WiesbadenKreuzberger Ring 7a 65205 WiesbadenT +49 611 99930 0F +49 611 99930 30E wiesbaden@dhpg.de

Contact

11

www.dhpg.de

EditordhpgMarie-Kahle-Allee 253113 BonnT +49 228 81000 0F +49 228 81000 20E info@dhpg.de

Design2erpack studios (www.2erpack.com)PhotosBernd Roselieb (www.bernd-roselieb.com)

We would like to thank the Kunst- und Ausstellungshalle der Bundesrepublik Deutschland, the Kunstmuseum Bonn and Gasthaus auf dem Ölberg for the opportunity to use their beautiful locations for our photos.

We use a gender-neutral form of address throughout this brochure for ease of reading.

Imprint