Project Examples
Our project experience is very broad, and our success is very consistent. The following is just a small sample of what we do. Contact us to learn more about our past projects for clients like you and how we can serve your organization.
Service Organization Control (SOC-2) SSAE-18
We provide SSAE-18 related services for various companies, including an international software development organization, a professional services provider, and other FinTech companies. On these projects, we first determine the necessary Trust Service Criteria cover. Next, we thoroughly evaluate the current status of all relevant operations and technology, revise policies and procedures where necessary, and prove and evidence all controls that led to unqualified opinions and attestations.
Sarbanes-Oxley Project Design and Management
We assumed management and control over a SOX compliance project for an NYSE-listed company that was late and over budget. The project was reorganized, communication with the External Auditor was established, documentation completed, key controls identified, test plans implemented, and remediation completed where appropriate. The company’s 10K was filed with an unqualified opinion expressed by the External Auditor on the financial statements. Best of all, the process has become more efficient and less expensive each year.
Workflow Analysis and Documentation
A reorganizing company had a complex set of procedures described by the court and attorneys, which we reviewed and documented as a flow chart to determine the plan’s feasibility. This work was designed to determine any open ends that did not complete the cycle and then serve as the basis for laying out the workflow and approval process. Since then, the workflow documentation has become a training document.
Sarbanes-Oxley Audit as Part of an Integrated Audit
We conducted independent testing of SOX IT control as part of an Integrated Audit under contract to one of the Big 4 accounting firms. Our testing included Information System Resource Strategy and Planning, Information System Operations, Information Security, Business Continuity Planning, Application System Implementation, Database Implementation, and Support, Network Support, System Software Support, and Hardware Support.
Internal Audit
An NYSE-listed company required a quick, reliable implementation of its Internal Audit function. Alongside their Audit Committee of the Board of Directors, we developed the annual Internal Audit Plan and implemented the components on an agreed-upon schedule. Additional ad hoc IA activities were covered when appropriate in response to management directives or whistleblower provisions. Year-to-year work has allowed rotation of all critical controls.
Telecommunication Network Design
A real estate company with offices and functions nationwide determined they had inefficiencies in certain distributed processes. We analyzed all the workflow and modified existing systems to take advantage of modern telecommunication improvements. These steps facilitated centralization, better control of finances, and improved timeliness for reporting to management.
System Evaluation Analysis and Consolidation
One of the largest securities brokers recognized a problem with their utilization of five different Customer Relationship Management systems. Due to a combination of homegrown software, purchased software, and subscription services, there was no integration, a lot of repetitive operations, and divergent uses. We analyzed each system’s uses, mapped the various databases, and recommended a single solution that satisfied all users and saved money.
Data System Integrity Audit
A private financial services provider company is required to report annually to a number of large clients on the status of their Internal Controls. Using SAS-70 as a model, we conduct an annual review of their Internal Controls and make remediation recommendations. This review encompasses all the controls for processing client data and all the IT controls.
JSOX Prototype Development and Compliance
A Tokyo-based securities company sought compliance with Japan’s Financial Instruments and Exchange Law (JSOX). We partnered with their management to design the required documentation and Risk Control Matrices. Ongoing work includes testing of all financial procedures and IT processes with evaluations of results and recommendations for appropriate remediation.
Environmental Design and Build-Out
Our partnership with a company providing environmental, ergonomic, and technological services has benefited many clients seeking to consolidate operations, save money, relocate offices, and improve environmental citizenship. The technology involved includes alternative energy sources, futureproof computer infrastructure and wiring, use of sustainable materials, improvement of energy efficiency, and use of low environmental impact materials.