External audit support for a financial statement audit or an integrated audit may be crucial. Organization performing an audit need to ensure that the audit is conducted smoothly, efficiently, and effectively, thereby addressing and preventing potential audit risks. At NWA, we have the expertise and experience to advise management on matters ranging from scoping, testing approach, project management, and overall audit risk consideration.
We assist in successfully establishing and maintaining an effective SOX 404 program whether you are preparing to IPO or are a mature publicly traded company. Our customized approach ensures our clients are compliant with their documentation requirements to evidence their management assessment regarding the effectiveness of internal controls over financial reporting. We manage the full SOX effort from scoping the project to performing the final assessment. Along the way, we provide regular project updates and corresponding deliverables.
We provide a complete internal audit function encompassing all of the essential components. Whether you are looking to outsource the function entirely, co-source our experts to supplement your audit department or in an advisory capacity to develop an effective internal audit function within your organization. We complement existing resources to provide specific areas of expertise or we can help audit departments manage peak periods. This approach allows for potential cost reduction, the opportunity to manage peak periods, and the ability to leverage specialized skill sets.
Assist with readiness over a System and Organization Controls (SOC) report which provides assurances to your customers that your organization is following best practices in an ethical and compliant manner. For service organizations looking to issue a SOC report, our readiness assessment will guide you through the stages to prepare you for a SOC examination. The approach focuses on identifying, designing, and documenting key processes, identifying controls to map to the required control objectives (SOC 1) or Trust Services Criteria (SOC 2 / 3), and developing the template of the report. We will customize our effort for particular facets of your service, and the specific control objectives or applicable criteria.
Assist with the company-wide strategy to identify and prepare for potential risks to a company's finances, operations, and objectives (including Policies, Standards and Procedures, Compliance Assessments, and GRC tool Implementation). We work together with boards and executive management with the creation, operation, and maintenance of an enterprise-wide risk management function. This process includes selecting a risk management framework, establishing a risk appetite, identifying and assessing risks across the organization, and developing effective risk mitigation strategies.
Get reliable support for your financial statement audit needs, no matter where you are in your engagement. New Wave Advisory can help with integrated audits, cyber security inquiries with management, and SAS 145 requirements for non-public entities. We advise management on IT audit matters ranging from scoping, testing approach, project management, and overall audit risk consideration. Additionally, we provide comprehensive training over the entire risk assessment process whether it is for your immediate team or entire company.
Your compliance department faces the difficult task of fulfilling auditor requests while working alongside management to objectively assess risks and processes. At New Wave Advisory, we understand the challenges that come with managing this critical function. As experts in the field, we serve as a liaison between your external auditor and first line. Our experience and expertise enable us to simplify complex audit requests and transform them into actionable tasks, cutting through the complexity and delivering results to minimize audit complications that impact your operations.
We provide a complete internal audit function encompassing the essential components. This service is tailored to companies in need of audit expertise or seeking an independent viewpoint. We complement existing resources to provide specific areas of expertise or we assist audit departments manage peak periods. This approach allows for potential cost reduction, the opportunity to manage peak periods, and the ability to leverage specialized skill sets. We help companies develop an effective internal audit function, including the creation of annual plans, audit charters and other organizational functions.
In this day and age, technology is intertwined with most if not all aspects of business to the point where it is central to your operations. Having a comprehensive view of your digital landscape is essential. At New Wave Advisory we guide our clients and help facilitate in thinking through all the angles of potential IT risks. We assess IT Domains, from strategy to help desk operations and provide you with best practice recommendations. We help you make the right decisions to elevate your risk management practices and fortify your organization for the future.
The SEC Cybersecurity disclosure requirements for public and foreign issuers can be challenging. This is especially true when assessing the impact of Cyber Security incidents on financial reporting. Let us help you develop your process around cyber risk management, strategy, governance and disclosure processes that align with the SEC rule.
We perform a detailed review of your information security program - including policies and procedures, operational, and technical controls. The objective is to conduct a series of information gathering sessions with stakeholders across business and support teams in order to identify areas of improvement for the maturity of the organization's information security program. At the conclusion of an assessment, clients receive an executive report which outlines the maturity level and security posture of the organization. In addition, a list of actionable and prioritized recommendations are provided so that the organization is informed on what to remediate first.
We assess your security posture tailor-fitted to your specific situation and information security needs. As your vCISO, we conduct a comprehensive review of your information security program - policies, standards, and procedures, technical controls - to help improve your cybersecurity strategy and recommend tools to protect and reduce business and cybersecurity risk.
We provide a comprehensive Federal Risk and Authorization Management Program (FedRAMP) readiness assessment and help develop your Systems Security Plan. Our subject matter experts review your policies and procedures, as well as perform a value-based risk assessment including technical requirements, vendor dependencies, and assess your Authorization boundary.
We assist your organization with building a forward-looking RPA strategy which defines the future state of your business processes enabled by intelligent automation. Your RPA strategy becomes the cornerstone for further digital transformation. Our RPA consulting services help you identify automation opportunities and challenges within your workflows. This reduces human error and operational inefficiencies by establishing a foundation for automation at scale. Our subject matter experts work with your RPA vendor to implement tools, automate processes, and integrate platforms.
We perform an assessment to identify the applicable HIPAA/HITECH regulations, relevant systems and process deficiencies mapping their practices against proven controls and safeguards. The results of this effort are detailed in a roadmap to achieve compliance. HITRUST is a widely recognized security framework in the health care world, used to help companies implement controls to meet HIPAA requirements. We help companies get ready to meet the HITRUST Common Security Framework by reviewing your current practices against the HITRUST framework. We can add HITRUST to your current SOC2 assessment. Additionally, we map your existing controls to the HITRUST Common Security Framework, and test and report on them as part of your regular SOC2 assessment. It is a simplified way to demonstrate to your customers what you are doing to meet HITRUST requirements.
We provide a custom approach based on various scenarios to mirror the largest threats to your network. We employ a combination of both industry standard and customized developed solutions to perform the necessary reconnaissance, enumeration and scanning, testing and validation of security threats. We identify and exploit vulnerabilities at the web and application layer. As a baseline, we assess your environment using the OWASP Top 10, but also address other potential threats to your application environment. We attempt to circumvent security controls through coercion, diversion, phishing and other methods.
Outsource your bookkeeping processes, such as daily data entry transactions, monthly reconciliation & reporting, and management over your accounts payable and receivable.