Mitigate risks and make informed decisions that enable your company to operate responsibly

From financial risks to operational risks to overall enterprise risks, identifying all risks and ensuring that controls are in place to mitigate them is key to maintaining a successful organization. We can evaluate, identify, and document your organization’s risks. If there are risks that are identified without mitigating controls, we can identify, develop, and implement the necessary mitigating controls.

Risk and Control Support (Sarbanes-Oxley & Model Audit Rule)

Our consultants have significant experience with Sarbanes-Oxley Act (SOX) implementation and testing as well as Model Audit Rule (MAR) implementation and testing. We can assist your organization by either leading or supporting your compliance efforts. 

• Firms have different levels of risk maturity. Larger firms may have a mature Enterprise Risk Management group, which collaborates with management and the Internal Audit department. In such cases, BROADSTONE can assist by leading special projects and backfilling open risk positions. An example of a Risk Management project we have performed is a review of segregation of duties within a business unit. We have also acted as a risk manager by preparing Risk Assessments, from the initial process review, through risk identification and quantification and finally risk mitigation solutions. 

• Clients with a less mature Risk Management structure may request an enterprise risk review. To begin, we gain an understanding of the organization, the industry, the organization’s goals, the historical financial trending, and the existing accounting and financial processes. If previous risk assessments have been performed we will review the previously identified risks. 

• Whether complying with SOX or MAR, we can assist by identifying risks and mitigating controls, developing test plans, performing testing, and reporting to management as well as the external audit firms regarding the organization’s compliance and compliance strategy.

• You have just been audited and have been informed that your organization has control deficiencies. You do not have internal resources to address the findings. Now what? BROADSTONE can assist you in remediating your control deficiencies, establishing controls, documenting the newly implemented controls, and training your staff to ensure the controls are working effectively.

• Your organization has just acquired another organization. As part of the acquisition, you must transition all the systems, controls, and processes; however, there are not enough internal resources available. Turn to BROADSTONE for the support needed.

Internal Audit Support and Co-Sourced Internal Audit Arrangements

Co-Sourced Internal Audit Arrangements can be an effective and efficient means of maintaining an internal audit department without the overhead and staffing costs. We will work directly with your Director of Internal Audit to develop audit programs and conduct internal audits that will efficiently evaluate your internal controls and risks as well as identify areas for process improvement.  We will collaborate with your management team while maintaining a state of independence, allowing the external auditors to rely upon our procedures.

External Audit Preparation - We will help you reduce the overall cost of an external audit by preparing your organization for the audit and performing internal audit procedures which may be relied upon by the external auditors. Our quality and attention to detail is unrivaled by many in our field, and our competitive pricing is substantially less than external audit fees, resulting in significant cost savings to your organization.

Internal Audit Support - We will support your existing internal audit team when your organization has insufficient in-house resources. We are able to provide internal resources at all levels, including staff, managers, senior managers, or directors.