Skip to content

Protecting systems and data demands constant attention. Inadequate security can lead to unauthorised access to or disclosure of data or it may allow criminals to seriously disrupt business processes. On top of that, supervisory authorities and society in general are increasingly demanding evidence and accountability when it comes to information security and privacy protection. Our specialists at Baker Tilly IT Advisory can give you insight, control over and assurance about your data protection. We can help you assess the impact of relevant technological innovations in terms of security risks, and give you the insight you need.

Policy and risk analysis         

Your organisation wants to identify and control IT risks, while at the same time complying with IT and data protection legislation. We can help you to clarify the IT risks you face in your specific situation, identify the measures already taken and draw up a plan and policy. This will give you an up-to-date risk inventory and information security policy that you can use for strategic execution and external accountability.

Once you have our recommendations, we can provide further guidance in implementing the policy, for instance by developing plans in greater detail, discussing progress periodically, making suggestions and monitoring the quality of the implementation. We are ideally placed to guide you when implementing your policies because our experience covers auditing, consulting and HR matters.

We don't stop at providing just policy recommendations. At Baker Tilly we ensure successful implementation by offering comprehensive guidance and support every step of the way. Our team of IT experts is well-equipped to develop detailed plans, provide regular progress updates, make valuable suggestions, and monitor the quality of the implementation process. With our extensive experience in auditing, consulting, and HR matters, we're the perfect partner to guide you towards achieving your policy objectives.

Privacy consultancy services

Due to privacy legislation and operational and reputational risks, it is important to store your privacy-sensitive data securely. The first step is to understand how well your organisation complies with the requirements of privacy legislation. We carry out a baseline measurement for your organisation to determine whether your privacy protection measures are adequate. We can then determine the extent to which the measures in place need to be adapted to comply with the legislation. In the process, we contribute knowledge about dataflows and systems and the requirements of GDPR legislation.

For this, we use up-to-date and practical frameworks such as the privacy control framework of our professional organisation, the Dutch Association of Registered EDP Auditors (NOREA). We have developed a measurement tool based on legislation frameworks, which you can use to detail the measurement process in a structured and transparent way. Based on the assessment, we can create a plan for improvements together, including a system for monitoring your improvements. We can help with the implementation of the well-defined improvement plan too. Because our experts combine auditing, consultancy and HR experience, we are ideally placed to work out a good approach for conducting internal reviews and audits.


We provide valuable reports with insights that you can understand. Additionally, we can provide a technical report that you can use to give your suppliers suggestions and advice on how to address the underlying vulnerabilities. The results of our vulnerability scan help you to address the risks in good time. This in turn helps to make your environment safe/safer and you can rest assured that your data protection is properly set up.

Customer story

If you’re interested in what data protection actually means in practice, read our client story about the vulnerability scan we carried out at SDW.

Read more


Discover other specialisations within IT Advisory

IT Assurance

As a user or supplier of IT systems, you want to get or give assurance that these systems are properly controlled and secured. Based on assurance reporting, Baker Tilly IT Advisory can help you to demonstrate that your processes are solid, that quality is assured and risks are managed.

View this service

Information management

Baker Tilly IT Advisory can examine your IT environment and give you insight into its quality and potential, as well as areas for improvement. When selecting IT systems, we then look at the balance between the IT organisation, infrastructure, people, processes and costs.

View this service

Financial audit support

ICT changes administrative organisation and accordingly, annual audits. Baker Tilly has an IT-driven audit approach that involves deploying process mining, data analysis and investigating system checks and IT general controls, to mention a few.

View this service

Data Analytics & Business Intelligence

Effective management and insight into your data are important for taking advantage of its value, preventing disruptions and providing accurate management information. We can help you examine and configure data environments including by means of dashboarding, RPA, AI and predictive analytics.

View this service