Our Internal Audit, Risk and Compliance Services (IARCS) are designed to enhance the efficiency and effectiveness of internal audit functions, enterprise risk management programs, reviews of third party relationships, risks and controls management and sustainability programs. Our IARCS professionals can augment and enhance an organization's existing risk management capabilities through the use of experienced risk and controls professionals, supplemented by multidisciplinary skills from other relevant Advisory service lines to deliver comprehensive and cohesive client service solutions.
In IARCS, our clients are generally looking for insight into issues that they are facing in respect of risk and compliance matters. We are often dealing with business processes and their associated risks, and assessing the state of related controls.
IARCS services can be categorized as:
- Internal Audit co-/outsourcing: This set of services supplements or supports an organization’s internal audit function. Generally, this means deploying internal audit professionals with appropriate subject matter and industry knowledge, and operational experience (e.g. ITA professionals, procurement professionals, and others) to lead teams working with one or more members of the client’s staff.
- Intellectual Property (IP) services/contract compliance: This set of services is meant to help organizations:
- Derive enhanced value from their IP assets (e.g. assessing whether licensees are complying with their license agreements in terms of usage and payments); and/ or
- Assess compliance with contractual agreements (this might be compliance by the organization, or compliance by an external party contracted to the organization).
- Strategic Performance Review: This service refers to assessing the current performance of an internal audit (IA) department against management objectives and expectations. It is designed to help provide the IA department with a risk orientation, broaden the department's focus, or better align the IA function with the organization’s goals.
Enterprise Risk Management
Enterprise Risk Management (ERM): This set of services identifies, quantifies and prioritizes strategic risks (i.e. risks that will have the greatest impact on shareholder value). It is an efficient and effective process for conducting a top-down risk assessment that identifies and quantifies the risks that could affect the strategic well being of an organization. The objective is to help the organization find the right balance between risk and control by linking process risks directly back to organizational objectives.
- Governance Risk & Compliance: The GRC Service is an integrated framework that unifies governance, risk, compliance and assurance functions to achieve a consistent and holistic vision across the organization.
- Regulatory compliance - This set of services is designed to help an organization manage the risks inherent in the governance process. It involves assessing the governance structure in the context of the business environment and business risks, focusing on such areas as improving Board operations, embedding governance principles in corporate culture, monitoring and evaluation, and stewardship.
- Corporate Regulatory compliance - Evaluates current compliance policies and procedures; provides advice on design of the compliance function and the role of the Board, Audit Committee and management and, when appropriate, assists with the design and implementation of specific reporting systems, process requirements, and compliance programs.
Regulatory Assistance Services, including, SOX - Helps organizations assess financial controls, identify deficiencies and implement enhanced controls and practices. Specifically, our audit professionals can help ensure that the organization is compliant with the latest requirements regarding Section 404 and other relevant regulatory mandates.
Management Investigations - Helps management with problematic situations, assisting with identifying the underlying problem(s) and providing recommendations for improvements in structures, processes, and controls.