Delivering independent services to protect and grow shareholder value:
Delivering Internal Auditing & SOX services with gusto!
The reality is that many companies have needs beyond their internal audit staffing capabilities, or perhaps simply do not have an internal audit function. KU has the resources to bridge capability gaps and identify vulnerabilities. We can report directly to the Board and/or Audit Committee thus enhancing independence of test results and making the efforts more acceptable to external auditors in support of SOX-404 efforts. The fact that we are a licensed accounting firm rather than simply a consulting firm adds credibility to our services by raising the comfort level with audit committees and external auditors. Bottom-line, we exist to serve you.
We apply a top-down, risk-based approach consistent with SEC staff guidance to identify applicable objectives, risks and controls. This approach explicitly includes IT general controls and entity-level controls that touch a wide array of functions and departments. A company's culture, as well as its process for attracting, developing and retaining employees, are examples of entity-level control areas that have a pervasive effect on objectives, including internal controls over financial reporting (ICFR). IT general controls and software application controls may also be relevant to ICFR, but this depends on the technology infrastructure and ultimate uses of it. There is a lot of judgment that factors into this, and having a KU independent perspective can help pave the way to a smoother external audit.
We leverage COSO's Internal Control - Integrated Framework, as well as ISACA's Control Objectives for Information and Related Technologies (COBIT framework) and various cybersecurity frameworks, to test the design and operating effectiveness of IT controls. It is important to remember that these frameworks can and should also be used to help achieve operating, compliance and reporting objectives, not just ICFR. We understand how to apply these frameworks through a diverse team of skill-sets with practicality foremost in mind. standards.
Risk and Opportunities are Two-Sides of the Same Coin
All organizations face uncertainty, but not all confront their risks and opportunities head-on thus jeopardizing shareholder value. KU offers an array of independent risk assessment services ranging from organizational-wide to specific operating, compliance and reporting objectives. The result is an objective glimpse into risks and opportunities for both boardrooms and management. Leveraging COSO's Enterprise Risk Management framework, along with our array of knowledge and tools helps to unlock previously unknown potential events (both adverse & advantageous) to protect and grow shareholder value.
Until you spread your wings you'll have no idea how far you can fly!
Contact KU to explore how far you can fly.