For the success of your company its optimal positioning is crucial. You and your team have a healthy relationship between opportunities and risks. However, the objective analysis and evaluation of risks as well as a sustainable review of the implementation of legal and regulatory requirements are also important.
Our incentive - mutual and fair success at eye level
The range of services offered by REVCOMP GmbH goes far beyond standardized checklists and tests. Our team members have many years of expertise in the field of banks, financial and payment service providers as well as SMEs and international corporations. As external auditors and consultants for internal auditors, in the regulatory environment, in data protection, in cooperation with auditors and for information / cybersecurity. This also requires skills in project and process management.
For you, this means that you not only hire competent auditors, but also “good practice” specialists and consultants.
Our services = your added value
Whether you transfer your activities to us. to use us as reinforcement or to compensate for temporary staff shortages in your organization - we want to be part of it them Generate added value for your company.
| Our range of services |
- Governance
- Compliance
- money laundering
- Privacy
- reporting system
- Audit
- IT security / Cybesecurity
- Critical infrastructure
- Project / Prozesmanagement
- Digitalization
- Cloud computing (including migration)
- JET (Journal Entry Testing)
- Data analysis
- and more
Our Aspiration
- Customer orientation, openness and loyalty
- Professional, collegial cooperation
- Flexibility and timely availability
- Independence, reliability and punctuality
- MaRisk-compliant inspection execution with
- individually tailored examination planning,
- meaningful audit reports
- ISO 27001 / BSI compliant information security management
- Appropriate planning of security audits
- Appropriate risk treatment
- Understandable reporting
- Application and compliance with common standards (e.g. ISO 2700X, BSIT IT-Grundschutz, COBIT, COSO, ITIL, IDW (PS 330/880, etc.), NIST, etc.)
- Pragmatic and up-to-date solutions in the context of compliance, security and especially economic efficiency
Added value of a cooperation with us
- Synergies through our homogeneous customer base
- many years of experience and high qualification level of the REVCOMPteams,
consisting of accountants, tax and business consultants, division managers and specialists in the field of IT operations and IT security. - Professional, long-standing network with high competence
- short training times and short decision-making paths
- competent contact persons, comprehensive service in revision, IT security, digitization and consulting
Our audit approach
We review your processes, internal control and risk management systems, including outsourced areas, for compliance, appropriateness and effectiveness. It is based on a risk-oriented audit plan tailored to your needs and covering your business and risk areas. The audit intensity is based on the individual risk content and regulatory requirements.
You will receive the corresponding reports as soon as you have completed the relevant revision checks. These include a detailed, objective analysis and summary of the audit results, a comprehensible presentation of the audit procedures performed and a risk-oriented classification of the findings or the need for action. In addition, you will receive a clearly communicated compilation of all complaints with agreements, responsibilities and implementation deadlines.
The annual overall report addressed to the Executive Board will be prepared shortly after the end of the financial year and contains in particular the following contents:
- Overview of the audits carried out in the past financial year
- Presentation of compliance with the annual audit plan
- Essential findings including agreements and measures
- Implementation status of the agreed measures
- Medium-term audit planning
Our other services
We support you in the implementation and fulfillment of the legal and supervisory requirements: from the pure consultation, over the conception up to the assumption of the functions in the context of an outsourcing relationship.
“Compliance” and “Central Office / Money Laundering”
The implementation of permanent legal and regulatory changes binds valuable capacities, especially for small and medium-sized institutions.
Here we can help you with the cast and the conception. We are also happy to assume the function of compliance officer and / or the central office (money laundering / fraud prevention) in your house, including the training of your employees.
Data protection / position of the function of the data protection officer
In addition to advice, we offer you the training of your employees as well as the assumption of the data protection officer including data protection audits, reporting and support and take on the following tasks and activities:
- Creation of a control plan for the current year with the definition of main test points, risk-based: e.g. B. order processing, information obligations, processing directory, data security / TOMs, employee data protection, awareness-raising measures, data protection guidelines or written rules, confidentiality obligations, data breaches, ensuring rights of data subjects, deletion concept, advertising & sales, website, data protection impact assessment, video surveillance, data transfer to third countries, data protection organization
- Examination of the various areas through examinations, document control, surveys, etc.
- Review of order processing contracts including TOMs for GDPR conformity
- Examination of texts relevant to data protection law, e.g. data protection notices, declarations of consent, etc.
- Support in carrying out risk analyzes in the event of data breaches / data protection breaches
- Assessment of the admissibility of new processes, information on the design
- Support with data subject rights (primarily requests for information)