Enterprise Risk Services
Mitigate Risk, Maximize Opportunities
Enterprise Risk Management (“ERM”) is a strategic business discipline that supports the achievement of an organization’s objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio.
No one necessarily likes that, as a public company they need to develop, implement and monitor SOX 404 compliance rules and regulations. Nor do we want to detract from organizational goals, with compliance exercises. But the smart ones use this to gain internal value through more efficient and effective controls and systems. We can offer our experience, knowledge and expertise to help your organization to do compliance in that ‘smart’ way. Our extensive experience encompasses many areas including:
- SOX Compliance – Get more out of your Sox 404 requirement. No one necessarily likes that as a public company they need to develop, implement and monitor these Sox rules. But the smart ones use it to gain internal value through more efficient and effective controls and systems. We help to create, oversee and manage your internal controls, not just to be compliant, but to be effective and efficient.
- Internal Audit – Every function in a business is expected to do more with less. They are also expected to add value to the enterprise. Internal audit is no exception. We help make it more than just a compliance function, but examine compliance cost and other cost containment initiatives. This can include:
- Gap Analysis – Let’s compare performance with potential. If your company does not make the best use of its resources, it may produce below its potential. We look to identify that gap and point to where and how to optimize.
- Quality Assurance Review – Get an assessment of your internal audit’s effectiveness and identify potential enhancements to their process, in line with industry standards.
- Internal control, as defined in accounting and auditing, is a process for assuring achievement of an organization’s objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies. A broad concept, internal control involves everything that controls risks to an organization.It is a means by which an organization’s resources are directed, monitored, and measured. It plays an important role in detecting and preventing fraud and protecting the organization’s resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or intellectual property such as trademarks).
At the organizational level, internal control objectives relate to the reliability of financial reporting, timely feedback on the achievement of operational or strategic goals, and compliance with laws and regulations. At the specific transaction level, internal control refers to the actions taken to achieve a specific objective (e.g., how to ensure the organization’s payments to third parties are for valid services rendered.) Internal control procedures reduce process variation, leading to more predictable outcomes.
Using the many years of experience in working through large and small organizations and control systems, we can help you manage your initial set up or re-evaluation of the systems and processes to be sure they are producing the end result your organization requires.
- Segregation of Duties
- Process Design
- Process Remediation
- Process improvement
- Project Management
- Internal and external audit co-sourcing
- Testing information technology computer controls
- Fraud investigations (especially in Latin America)