While internal controls have always been a critical component of a corporate infrastructure, never before has the focus and attention on this area been so great. With the enactment of the Sarbanes-Oxley Act (SOX), terms like COSO and CobIT have become commonplace in offices well beyond internal audit. We are proud to be associated with our sister firm, Clark Schaefer Hackett, connected with the PCAOB, IIA, SEC, and AICPA, which requires us to monitor our approach to consulting on a regular basis and helping to ensure that we are following industry “best practices” and standards.
In addition to having a comprehensive financial, operational and compliance auditing approach, we combine these areas of expertise with significant experience in IT auditing to provide a holistic approach to reviewing internal controls and managing risks. To remain competitive, businesses have continued to automate more processes and upgrade legacy systems and with this growing dependency on automation comes the corresponding reliance upon automated controls. To manage these risks, the need for competent review and audit of the IT arena is greater than ever which includes IT general computer controls, application controls and continuous auditing through Computer Assisted Audit Techniques (CAATs).
Our compliance work includes a variety of standards and regulatory requirements, ranging from SOX, JSOX, and MAR to AML, BSA, GLBA, and others. Often our projects involve several such regulations, to allow for the most efficient approach. In addition, we partner with Clark Schaefer Hackett for attestation work including the SOC 1, 2, and 3, as well as the new SOC for Cybersecurity.