Multicont analyses and evaluates Internal Control Systems (ICS) and IT-systems. We audit service organizations, issue software certificates and perform IT-audits within the framework of financial audits.

The purpose of ICS is to ensure that your business processes are operationally effective and efficient while providing reliable financial reporting which is compliant with laws, regulations and policies.

Multicont tests existing Internal Control Systems in accordance with ISAE 3402 for their effectiveness, efficiency and provides a risk assessment and recommendations for improvements in weak areas.

Multicont offers training, seminars and customised handbooks in the area of ICS.

Setting up an adequate Internal Control System is a big challenge for small and mid-sized businesses in so far as observing and following the legal requirements.

We provide support to businesses who want to set up and monitor an adequate internal control system. Our web-service based ICS-tool administrates control procedures and centrally processes and stores evidentiary documents. Reminder e-mails are automatically sent to responsible parties and the supervisory board and management can be informed with our automatic reporting function.

The data is stored in an Austrian banking data centre which follows the highest international security standards.

Important management decisions are often based on the continually ever growing amounts of complex data collected.  Erroneous and or incomplete data can result in poor management decisions and can also result in faulty reporting to the financial market authorities.

Multicont analyses large quantities of data with the purpose of detecting errors and inefficiencies in data management, any potential risks and weaknesses as well as indications of fraud.

Further, we audit data for completeness and accuracy with the purpose of maintaining and ensuring reporting compliance to the financial market authorities.

When a business outsources important functions they must ensure the service organisation has and follows adequate ICS in so far as the outsourced functions are concerned.

Multicont audits ICS for service organisations in accordance with the European ISAE 3402 as well as Austrian standards like iwp PE 14. In the event a business outsources IT functions, we audit business processes and applications as well as system settings on hosts, servers and networks.

So that the financial auditor can rely on the accuracy of the information obtained by the system, IT has to be audited in the course of the financial audit.

The focal point of the audit are the accounting relevant systems and its application.

We support businesses in preparing for the certification of their information security management system in accordance with ISO/IEC 27001. We can also prepare businesses for add-on certifications like ISO 270018 (cloud data protection). This ensures that your business follows GDPR requirements.

Multicont works with CIS – Certification & Information Security Services GmbH in the above mentioned certification processes.


Franz Rauchbauer

Franz Rauchbauer