Internal Audit & SOX Compliance

Operational Audits: Plan and execute risk-based operational audits to evaluate efficiency and effectiveness of business processes.

Compliance Audits: Plan and execute risk-based compliance audits to ensure entity's compliance with the established company policies and procedures (e.g., Time & Expense, Accounts Payable, Debt Covenants).

Contract Reviews & Vendor Audits: Review Master Service Agreements (MSA) and Statements of Work (SOW) for contractual agreements between parties to identify contract risks, detail review of invoices and line-item billing details, analyze the systematic processes and process breakdowns, and evaluate the processes and services provided for compliance with MSAs and SOWs.

Follow-Up Audits: Perform follow-up internal audits to ensure previously identified observations and recommendations have been addressed and fully resolved by management.

SOX 404 Testing: Test the design and effectiveness of the SOX 404 internal controls. Provide assistance to external auditors of potential clients in controls testing needs for control reliance purposes.

Risk Assessment & Internal Controls Evaluation: Evaluate the adequacy of internal controls over key business processes by applying a systematic and consistent approach to identify key risks and any gaps in existing operational control structure, find opportunities for control improvement and, as necessary, assist business process owners to develop and implement a control structure to mitigate identified risks.

SOX Documentation: Create mid to high-level business process flowcharts and SOX process narratives and identify key internal controls as well as any gaps in the control structure in order to design and provide constructive recommendations to improve overall control environment and ensure appropriate controls are in place. Design new and / or update existing RCMs (risk control matrix) for completeness and accuracy of the internal controls to ensure alignment of the controls with identified risks and control objectives.

Documentation Protocols: Design, develop, and implement audit documentation protocols and methodologies for audit fieldwork and reporting including audit program, attribute testing and internal audit report templates