Helping to Maintain Your Organization's Operational Integrity

The following services are offered by the Comprehensive Risk Services Group:

Business Risk Assessment
The risk assessment ensures internal audit resources are appropriately allocated. A typical risk assessment includes the following steps:
• Define the audit universe to include all operations and activities
• Develop risk ranking criteria relevant to business objectives
• Gather information through assessment surveys and interviews
• Compile risk ranking matrix.

Internal Audit Plan Development and Execution
Building on the risk ranking matrix, the annual internal audit plan provides a clear roadmap for the internal audit function. You can rely on Alpern Rosenthal’s seasoned professional staff to provide the best possible execution of audit plan projects. Audit plan development and
execution includes:
• Draft of audit plan incorporating risk rankings and management suggestions
• Discuss draft plan with senior executives
• Present plan to Audit Committee for final approval
• Scheduling of specific audit projects
• Process documentation and analysis
• Interviews and meetings with operational departments
• Control evaluation, testing and data analysis
• Solution development
• Reports to management and/or audit committee.

Internal Audit Consulting
Whether you are initiating an internal audit function or benchmarking an existing group against industry best practices, you can partner with Alpern Rosenthal to develop a world-class audit function aligned with your organization’s vision and values.

Operational Reviews
Using our risk-based methodology, we will evaluate the efficiency and effectiveness of various processes with your organization. Our value added recommendations will help you attain your business objectives.

Technology Control Evaluation
Utilizing Alpern Rosenthal’s team of technology experts, we can perform specialized technology audits as a component of a process review or as a stand alone project. Project examples include:
• Firewall security
• Remote access security
• Application control
• Systems implementation review and assistance
• Project management and change control
• Network security
• Business continuity and disaster recovery planning.

Sarbanes-Oxley Section 404 Compliance
Members of our Comprehensive Risk Services Group can provide assistance in planning and implementing all aspects of your Sarbanes-Oxley Section 404 Compliance efforts. Our personnel understand the complex accounting, tax, treasury and SEC reporting issues facing a public company. We have the knowledge, experience and resources to partner with you in planning, managing and executing your Sarbanes-Oxley compliance project.

SAS 70 Review/Service Auditor Report
Service auditor reports are growing in popularity and are being used by customers, prospective customers and financiers to gain an understanding of the control environment of outsourcing companies. We will provide an independent, thorough evaluation of a service provider’s control environment, activities, policies and procedures.

Compliance Review
Regulations dominate today’s business environment. We will identify applicable rules and regulations, evaluate the effectiveness of related policies and procedures and test to determine the degree of procedural compliance.

Performance Measurement Services
Wouldn’t it be nice to be able to monitor your day-to-day business performance in a timely and concise manner? Through our performance measurement process we help you identify and monitor the critical success factors that make your business successful..

Complete List of Services - PDF format