Advisory & 
Financial Services
"Straight Outta Austin"

External Audit Support

External audit support for a financial statement audit or an integrated audit may be crucial. Organization performing an audit need to ensure that the audit is conducted smoothly, efficiently, and effectively, thereby addressing and preventing potential audit risks. At NWA, we have the expertise and experience to advise management on matters ranging from scoping, testing approach, project management, and overall audit risk consideration.

Sarbanes-Oxley Readiness and Assessments

We assist in successfully establishing and maintaining an effective SOX 404 program whether you are preparing to IPO or are a mature publicly traded company. Our customized approach ensures our clients are compliant with their documentation requirements to evidence their management assessment regarding the effectiveness of internal controls over financial reporting. We manage the full SOX effort from scoping the project to performing the final assessment. Along the way, we provide regular project updates and corresponding deliverables.

Internal Audit (Co-source and Outsource)

We provide a complete internal audit function encompassing all of the essential components. Whether you are looking to outsource the function entirely, co-source our experts to supplement your audit department or in an advisory capacity to develop an effective internal audit function within your organization. We complement existing resources to provide specific areas of expertise or we can help audit departments manage peak periods. This approach allows for potential cost reduction, the opportunity to manage peak periods, and the ability to leverage specialized skill sets.

SOC 1, SOC 2 & SOC 3 Readiness

Assist with readiness over a System and Organization Controls (SOC) report which provides assurances to your customers that your organization is following best practices in an ethical and compliant manner. For service organizations looking to issue a SOC report, our readiness assessment will guide you through the stages to prepare you for a SOC examination. The approach focuses on identifying, designing, and documenting key processes, identifying controls to map to the required control objectives (SOC 1) or Trust Services Criteria (SOC 2 / 3), and developing the template of the report. We will customize our effort for particular facets of your service, and the specific control objectives or applicable criteria.

Enterprise Risk Management (ERM)

Assist with the company-wide strategy to identify and prepare for potential risks to a company's finances, operations, and objectives (including Policies, Standards and Procedures, Compliance Assessments, and GRC tool Implementation). We work together with boards and executive management with the creation, operation, and maintenance of an enterprise-wide risk management function. This process includes selecting a risk management framework, establishing a risk appetite, identifying and assessing risks across the organization, and developing effective risk mitigation strategies.

IT External Audit Support

Get reliable support for your financial statement audit needs, no matter where you are in your engagement. New Wave Advisory can help with integrated audits, cyber security inquiries with management, and SAS 145 requirements for non-public entities. We advise management on IT audit matters ranging from scoping, testing approach, project management, and overall audit risk consideration. Additionally, we provide comprehensive training over the entire risk assessment process whether it is for your immediate team or entire company.

IT Compliance

Your compliance department faces the difficult task of fulfilling auditor requests while working alongside management to objectively assess risks and processes. At New Wave Advisory, we understand the challenges that come with managing this critical function. As experts in the field, we serve as a liaison between your external auditor and first line. Our experience and expertise enable us to simplify complex audit requests and transform them into actionable tasks, cutting through the complexity and delivering results to minimize audit complications that impact your operations.

IT Internal Support (Co-source and Outsource)

We provide a complete internal audit function encompassing the essential components. This service is tailored to companies in need of audit expertise or seeking an independent viewpoint. We complement existing resources to provide specific areas of expertise or we assist audit departments manage peak periods. This approach allows for potential cost reduction, the opportunity to manage peak periods, and the ability to leverage specialized skill sets. We help companies develop an effective internal audit function, including the creation of annual plans, audit charters and other organizational functions.

IT Risk Assessments

In this day and age, technology is intertwined with most if not all aspects of business to the point where it is central to your operations. Having a comprehensive view of your digital landscape is essential. At New Wave Advisory we guide our clients and help facilitate in thinking through all the angles of potential IT risks. We assess IT Domains, from strategy to help desk operations and provide you with best practice recommendations. We help you make the right decisions to elevate your risk management practices and fortify your organization for the future.

SEC Cybersecurity Rule Compliance

The SEC Cybersecurity disclosure requirements for public and foreign issuers can be challenging. This is especially true when assessing the impact of Cyber Security incidents on financial reporting. Let us help you develop your process around cyber risk management, strategy, governance and disclosure processes that align with the SEC rule.

Cybersecurity Assessments

We perform a detailed review of your information security program - including policies and procedures, operational, and technical controls. The objective is to conduct a series of information gathering sessions with stakeholders across business and support teams in order to identify areas of improvement for the maturity of the organization's information security program. At the conclusion of an assessment, clients receive an executive report which outlines the maturity level and security posture of the organization. In addition, a list of actionable and prioritized recommendations are provided so that the organization is informed on what to remediate first.

vCISO

We assess your security posture tailor-fitted to your specific situation and information security needs. As your vCISO, we conduct a comprehensive review of your information security program - policies, standards, and procedures, technical controls - to help improve your cybersecurity strategy and recommend tools to protect and reduce business and cybersecurity risk.

FedRAMP Readiness

We provide a comprehensive Federal Risk and Authorization Management Program (FedRAMP) readiness assessment and help develop your Systems Security Plan. Our subject matter experts review your policies and procedures, as well as perform a value-based risk assessment including technical requirements, vendor dependencies, and assess your Authorization boundary.

Robotic Process Automation

We assist your organization with building a forward-looking RPA strategy which defines the future state of your business processes enabled by intelligent automation. Your RPA strategy becomes the cornerstone for further digital transformation. Our RPA consulting services help you identify automation opportunities and challenges within your workflows. This reduces human error and operational inefficiencies by establishing a foundation for automation at scale. Our subject matter experts work with your RPA vendor to implement tools, automate processes, and integrate platforms.

HIPAA/HITRUST

We perform an assessment to identify the applicable HIPAA/HITECH regulations, relevant systems and process deficiencies mapping their practices against proven controls and safeguards. The results of this effort are detailed in a roadmap to achieve compliance. HITRUST is a widely recognized security framework in the health care world, used to help companies implement controls to meet HIPAA requirements. We help companies get ready to meet the HITRUST Common Security Framework by reviewing your current practices against the HITRUST framework. We can add HITRUST to your current SOC2 assessment. Additionally, we map your existing controls to the HITRUST Common Security Framework, and test and report on them as part of your regular SOC2 assessment. It is a simplified way to demonstrate to your customers what you are doing to meet HITRUST requirements.

Penetration Testing

We provide a custom approach based on various scenarios to mirror the largest threats to your network. We employ a combination of both industry standard and customized developed solutions to perform the necessary reconnaissance, enumeration and scanning, testing and validation of security threats. We identify and exploit vulnerabilities at the web and application layer. As a baseline, we assess your environment using the OWASP Top 10, but also address other potential threats to your application environment. We attempt to circumvent security controls through coercion, diversion, phishing and other methods.

Bookkeeping

Outsource your bookkeeping processes, such as daily data entry transactions, monthly reconciliation & reporting, and management over your accounts payable and receivable.

Technology

Technology

Software

Software

Cannabis

Cannabis

Digital Assets

Digital Assets

Life Science

Life Science

Manufacturing

Manufacturing

Food & Beverage

Food & Beverage

Real Estate

Real Estate

Government

Government

Retail

Retail

ABOUT US
New Wave Advisory is a forward-thinking firm based in Austin.  We pride ourselves on being a digital advisory firm that is dedicated to quality, adaptive to our client's environment, and focused on delivering the best client service experience.

The traditional model of maintaining a physical office space is becoming increasingly obsolete, along with the necessity for a full audit team to be constantly onsite.  We recognized this shift early on and embraced a digital-first approach, making ourselves readily accessible to clients whenever we are needed. However, with a network of professionals across the United States, we are still able to provide onsite support when necessary. This ensures that our clients receive the best of both worlds: remote convenience and in-person assistance.

For publicly traded companies, staying in compliance is resource intensive.  As the trailblazers in the digital advisory space, we take on the complexities of compliance so our clients are not burdened by it.  Our capabilities include SOX compliance, Internal Audit outsourcing and co-sourcing, external IT and Cybersecurity support, readiness assessments and evaluation over SOC controls as well as other financial industry service requirements.  Our goal is to navigate these challenges on behalf of our clients, allowing them to focus on their core business objectives with confidence and ease.
  • 7500 Rialto Blvd Suite 1-250, Austin, TX 78735