Risk Advisory Services
Through efficient risk management, we help organizations to reinforce the focus on internal controls and to improve organizational management and information systems, assisting our clients permanently in order to develop and achieve improvement in important issues such as:
Internal Audit
- Implementing internal audit function.
- Restructuring internal audit function.
- Advice on strategic internal audit issues.
- Support on highly complex and non-routine audits (royalties, constructions, call centers, help desk, suppliers, quality, industrial, manufacturing, human resources, etc.).
- Audits and contractors´ control, implementation of technological solutions for their control.
- Performance audit.
- Special investigations.
- Risk management advisory services.
- Internal audit outsourcing and co-sourcing.
- Introduction of technological tools to automate internal audit tasks.
- Advisory services for the implementation of internal control systems based on COSO.
- Advisory services for the implementation of audit procedures as well as continuous monitoring through Business Intelligence technology.
- Control Self Assessment implementation
- Support for Quality Assurance Review (QAR) on internal audit.
- SOD Analysis (segregation of duties - Profiles in ERP).
Corporate Governance, Ethics and Transparency
- Introduction to corporate governance best practices.
- Advice to audit committees.
- Integration of Audit Committees as Independent Directors.
- Advice on Board of Directors´ responsibility.
- Organizational Design - Management Structure.
- Design and implementation of codes of conduct, ethics and best business practices.
- Implementation and administration of ethical and report lines (whistle-blowing)
Compliance (Rules and Regulations)
- Compliance with Sarbanes - Oxley Act.
- Compliance with decree. 677, Resol. 516 and those regulations arising from regulators.
- Risk assessment of non-compliance with regulations.
- Compliance with federal and state regulations.
- Collaboration for the development and implementation of compliance programs.
- Testing preparation and execution (manual and automatic controls effectiveness tests, at entity and transactional levels).
- Control certification on outsourced processes SAS 70.
- Contract analysis - Contract risk inventory.
- Regulatory compliance automation - Introduction of GRC technology - Governance Risk & Compliance.
- Advice on the implementation of the Compliance Department as well as training the Compliance Officer.
- Compliance inventory and design of regulatory compliance matrix.
- Design of regulatory compliance controls.
- Determining priorities and presenting solutions to lack of controls.
- Regulatory compliance per industry (energy, petroleum & gas, telecommunications, Life Sciences, etc.).