As technology is essential to all businesses, then the management of technology should be considered business critical. But most managers of small to medium-sized enterprises are too busy looking after their profit and loss accounts to pay attention to their IT risk and security management.

Forwarding-thinking audit and accounting firms have introduced IT risk management into their portfolio of services. The days when such work was only done by consultants and niche IT service firms have gone: IT risk management should be now be part of the auditors’ tool-kit.

ILV SILVER can help you identify your business-critical data and how it is managed. Working closely with senior and IT managers, we design and implement procedures to safeguard intellectual property, employee records and customer data.

Our technology services professionals have experience both of running the IT department of a Big 4 firm and as external consultants advising many companies with sensitive data. We complement our IT-focussed team with financial audit professionals who have considerable experience in reviewing and implementing system controls to safeguard valuable data.

Our IT risk management services include the following, although we always adapt our services to the needs of our clients:

  • Cyber security
  • IT due diligence
  • Data security
  • IT strategy and service management
  • Data advisory and analytics
  • Business continuity and disaster recovery plans

Our head of IT services, Enrique Lopez, is a BSI certified ISO27001 lead auditor.

The ISO/IEC 27001 framework is the international standard for information security management systems (ISMS). ISO/IEC 27001 is a robust framework to help protect information such as financial data, intellectual property or sensitive customer information. It helps identify risks and puts in place the right security measures, so that risks to information can be managed and reduced. ISO/IEC 27001 protects your business, your reputation and adds value. As such ISO 27001 can represent a cornerstone for most security audits or compliance requirements.


Enrique started his career with PWC and was a tax manager between 1995 and 2005. From 2000, he was also an IT manager and became IT senior manager in 2005 with responsibility for IT risk management at PwC. Since 2011 Enrique has been working with ILV SILVER as both internal and external IT consultant, and currently heads its IT risk management services.

– Cloud Computing and Community Management, UOC, 2011-2012
– Installation and Administration and of Documentum Stratesys, 2005-10
– Administration and Tuning of Windows Server and Oracle10g, 2005-10
– Masters in Tax Consultancy from Abad Oliva, Barcelona, 1988
– Law Degree from Barcelona University, 1984
– BSI certified ISO27001 lead auditor