Risks exist in every decision an organization takes in achieving its business objectives. It’s important for companies to identify their risk appetite in order to evaluate their risk response strategy. But risk management goes beyond merely identifying and mitigating risk.
It requires implementing globally-accepted methodologies and governance frameworks — such as COSO internal controls and COSO ERM framework — to ensure risk management is embedded in the DNA of all employees across all three lines of defense. Therefore, it’s important for organizations to implement a risk management strategy that’s aligned with their business strategy and objectives.
At Centri, our internal control risk assessments help you identify, prioritize, and provide actionable solutions to manage your risks and compliance obligations, while considering the current state of your organization and industry. We’re dedicated to understanding your unique needs in order to take a holistic, integrated approach to risk management. We have the foresight to anticipate future challenges to help you stay ahead of threats and turn risk into a competitive advantage.
Effective risk management starts with the identification of the key risks and threats (internal and external) facing your organization and industry. One of the key risk mitigation strategies is ensuring implementation of sound internal controls that are both preventative and detective in nature.
These include proper risk management governance, education, and KPIs tied to appropriate risk management, compliance programs, internal audits, and robust risk intelligence measures. We offer the advisory risk management services below to help you manage and mitigate potential risk and compliance obligations within your organization.
Implementation of a sustainable SOX program in accordance with the COSO 2013 internal control framework, including process documentation and risk and control identification
Ongoing support for management’s assessment of ICFR (SOX 404a and 404b), including scoping, risk assessment, walkthroughs, testing, and reporting (including external auditor coordination), in a fully outsourced or co-sourced model, in line with applicable PCAOB and SEC guidance and requirements for integrated audits
Evaluation of IT General Controls (ITGCs) and new system implementations
Remediation of material weaknesses and significant control deficiencies
Training support to establish accountability for control and process owners
Environmental, Social and Governance Services (ESG Advisory)
Assist management and the Board in developing a roadmap to achieve ESG objectives
Develop processes, policies and procedures for ESG reporting
Evaluate internal controls for ESG-related system implementations, data collection, and metrics reporting
Advise management and the Board on best practices for internal controls and process improvements
Assist management and external auditors with readiness for ESG independent assurance