The BDO group includes a law firm and outsourced services for accounting, as well as a unit that improves industrial processes. BDO Technology is the youngest child in the group, and deals with cyber security and digital transformation. We help business develop and implement security policy and business continuity plans; we check organisational resilience – including protection against cyberattacks – and we deliver training.
Because the Act on Statutory Auditors doesn’t allow a company to perform other services for the benefit of the audited organisation during the course of a financial audit, companies in the group cannot act together. This would violate the principle of impartiality. And we have a completely different specificity. However, we are united by brand and the highest possible quality of services.
We operate in many demanding areas, including digital transformation, cyber security, IT security, personal data protection and risk management. All this contributes to the audit. And here the optimal operation at the very beginning is the ‘gap analysis’. When we start work for a client, we check the company’s nervous system – its IT systems; for without IT there’s no business. After such an initial review, we issue recommendations. The priority is to search for compliance with global standards and to consider how together we can fill in the gaps optimally. But we are not inspecting and looking for non-conformity; rather, we are showing areas for improvement.
One thing you have to remember – you cannot protect against ill-will and always the weakest link will be the human being. Statistics are absolute, most of the activities against the company such as hacker attacks take place from within the organisation.
A tipping point at which everybody in management suddenly paid attention to cyber security was the introduction of the GDPR regulations on 25 May 2018. During the implementation process, some companies limited themselves to just the legal aspects, but there are also many that have done much more, for example, improving their IT systems, which are an integral part of data processing, as well as of the whole business.
Among the most interesting challenges and achievements of BDO Technology was a comprehensive long-term and multi-stage project concerning cryptocurrency with a Katowice-based company called Bitbay. It includes a description of business processes, risk analysis, implementation of information security policy elements and anti-corruption elements. Bitbay developed from a small company into a huge team with its own building and biometric access.
Another interesting project was a five-month-long security audit of a municipal water company in a major Polish city, improving its HR security, business continuity, crisis management and IT security.
This year we will direct to the market a new catalogue of training courses, including Agile (innovative training on project management) and training in an area of which there can by its very nature never be enough competence and knowledge – cyber security. It’s a good time to carry out training. For our customers, we plan new training projects, which consist of sharing valuable knowledge and upskilling people. The organisation is people, the greatest value of any company. All organisations implement their goals with the support of technology and talking about digital transformation, we often talk about using tools – cloud or artificial intelligence, but we have to remember that without human intervention, it will not happen. Digital transformation has a positive impact on companies, but it is necessary to prepare properly, understand and act in a planned way. The overriding goal is to prepare the company and its employees for the upcoming unavoidable challenges and changes. However, we do not look for problems, but we prepare companies in such a way that these changes become an opportunity for them.