INTERNAL AUDIT
Would You Like Me to Personally
Audit the Key Controls That Are
Putting Your Organization At Incredible Risk and
Costing You Thousands Of Dollars Each Year,
And Do All of That
…For Next to Nothing? (Actually, a Net Gain to You)
Dear Fellow Business Executive,
I’ve built my business by providing high-level, personalized service to folks just like yourself.
Periodically, I have a small opening in my schedule. When that happens, I seek out one of the very rare executives who truly understands and appreciates the amount of money at risk of loss, or money that can be saved, through the identification of critical control weaknesses, and the design and implementation of critical internal controls to correct those weaknesses.
If you’re that executive, we should talk. Click below if you’re ready to schedule a brief call.
(Due to overwhelming demand for our services and the need to provide our current clients with our full attention and exceptional service, we are not accepting new clients at this time. However, if you’re one of those rare, visionary executives who truly understands the value of the services we provide, please email us to be placed on our waitlist. Periodically we have an opening and we will contact when a spot becomes available.)
There is no cost to you for this introductory call. In fact, it will likely pay you dividends.
So, what do I do?
Should we decide to work together, I will personally execute one critical, or a series or critical, internal audit(s) to identify key controls weaknesses and make recommendations for corrective actions to resolve those weaknesses. I can also execute the work to implement those corrective actions to resolve those weaknesses.
Specifically, I will:
-
Develop an audit plan based on your needs;
-
Fully execute the audit plan;
-
Identify key control weaknesses;
-
Recommend corrective actions;
-
Help lead your organization’s efforts to resolve the audit findings and implementation corrective actions; and
-
Conduct follow-up review(s) to ensure that corrective actions are effective at resolving all control weaknesses.
What sort of internal control weaknesses am I talking about? There are thousands of critical controls that protect an organization. Here is a small sample, along with actual, real-life implications of control weaknesses.
-
Controls to prevent data breaches. Weak controls at Equifax led to the exposure of the personal data of 140 million Americans. Such control weaknesses are commonplace and can devastate any organization.
-
Controls to prevent ransomware attacks. Control weaknesses with the city of Atlanta brought the city to its knees when it was the victim of a ransomware attack that could have been prevented. Is your organization protected against such attacks?
-
Controls over your vendors or outsourced services. Federal auditors found that the State of Nevada did not properly oversee some of its vendors, resulting in a recommendation that the State of Nevada reimburse the Federal government $8.2 million.
-
Controls over your Accounts Payable. A project manager was indicted for fraud in a $1.5 million false invoice scheme. The manager set up a fictitious company for which he submitted false invoices to his employer’s company, and then approved payments to his fictitious company.
How confident are you that:
-
All of your key IT security controls are in place and operating effectively? For example:
-
Do you know every person in your organization who has an administrative account, for what specific purposes, and on what applications and systems?
-
Has any employee ever downloaded confidential data? How would you know?
-
-
Have you ever been hacked? How would you know?
-
All of your insider risks have been fully identified and controls put in place to prevent and detect all insider threats?
-
All of the Accounts Payable key internal controls are in place and operating effectively? For example, have you ever received or paid a fraudulent invoice? Or an invoice for more than a vendor was entitled? How would you know?
-
Any and all other key controls are in place and operating effectively? (see key risks below).
What are some other key risks areas for which you should be concerned, and for which an expert Internal Audit could prove invaluable? Here’s a partial list.
-
Market/Reputation risk
-
Financial risk
-
Operational risk
-
Legal/regulatory risk
-
Strategic risk
-
Technology risk
-
People/culture risks
-
Fraud risk
If you are that very rare executive who truly understands and appreciates the amount of money at risk of loss, or money that can be saved, through the identification of critical control weaknesses, and the design and implementation of critical internal controls to correct those weaknesses, we should talk.
Here’s how it works. Simply click on the button below and select one of the available slots on my calendar for an introductory call. If there are no slots available, you’ll be added to the waiting list and I’ll get back to you on a first come first served basis. If you’re having trouble accessing my calendar, please use our contact form on the contact page.
During the introductory call, I’ll get to know a little bit more about your situation and whether I think I can help. I’ll learn about what you’ve got, what you’re doing, and what you want to achieve.
You’ll also get to know a bit more about me, and together we’ll decide if it makes sense to proceed with a meeting at your offices.
When we meet at your offices, whether or not we decide to work together, I’ll provide you with additional insights on how to protect yourself and your organization from critical control weaknesses.
At no cost to you.
(After doing this for over 31 years, I’ve gotten fairly good at not just helping organizations solve large, long-term challenges in this area, but at quickly assessing situations and providing some immediate feedback that you can use right away).
At the end of our meeting in your offices, one of two things will happen:
-
You will more fully appreciate and understand the risks you face and have some tools and techniques for addressing those risks but decide you can handle them on your own.
-
You will more fully appreciate and understand the risks you face and ask to become my client so I can personally help you and your organization reduce your risks and increase your related ROI.
If that’s the case, I’m confident we’ll knock it out of the park.
It’s really that simple. No catch.
The worst that can happen is that you have some tools and more information to handle things on your own. That information, if acted upon, can immediately save you money and reduce your risk.
The best that can happen is we work together to substantially reduce your risks, protect you and the organization from potential negative outcomes, and increase your ROI.
And here’s something even bigger to consider.
What does it cost?
My fee for this specific service is generally around a few thousand dollars per month, depending on the scope of the project and services involved. And that’s usually a drop in the bucket, especially when you consider all of the value that will be delivered.
But the reality is that this really doesn’t cost you anything.
Here’s why…
Generally, I save my clients far more money by implementing strategies, processes, and controls, than they pay me in fees.
Just one, small example -
When you’re paying me to conduct an internal audit of your Accounts Payable program, for example, two things generally happen:
-
I identify over billing resulting in actual dollars in your pocket for which you’d otherwise be unaware, and that savings compounds over time; and
-
Over time, since vendors know you have an auditor overseeing your processes, instances of improper billing magically disappear.
Here’s another example –
When you’re paying me to audit your IT security controls, I will identify multiple control weaknesses for which you are unaware, and help you implement corrective actions to resolve those control weaknesses. For example, identifying and correcting control weaknesses related to unauthorized disclosure of confidential information. By doing so, two things happen:
-
We will prevent future occurrences of issues. Imagine if your organization had a critical disclosure of confidential data. How would that impact both yourself and the organization? What sort of financial impact would that have? By preventing those occurrences, how much would that be worth both in the short term and the long-term?
-
You will now have the ability to monitor and detect whether you experience any future occurrences. You see, chances are, if you’re like many organizations I look at, you have no idea whether or not certain issues are occurring because you don’t have the systems and controls in place to monitor for and detect such occurrences.
As I’m sure you can see, my fees are more like an investment, than a cost – an investment that pays dividends, in both the short and long-term.
So, if you are that very rare executive who truly understands and appreciates the amount of money at risk of loss, or money that can be saved, through the identification of critical control weaknesses, and the design and implementation of critical internal controls to correct those weaknesses, we should talk.
Simply click below on contact button and select one of the available slots on my calendar. If there are no slots available, you’ll be added to the waiting list. If you’re having trouble accessing my calendar, please use our contact form on the contact page.
Obviously, this is an extremely limited opportunity, due to the fact that I rarely have openings in my schedule. You see, I’m already delivering for other clients, and not only do they rarely let my services end, they are so thrilled with the results that they continue to ask me to help them in many other areas.
And if you needed one more reason to schedule a call with me, here you go. We are a small, specialized firm by design. It allows me to do something absolutely none of the large consulting firms can ever do – provide you with personalized service.
When you sign up with one of those other firms, you’ll likely start out by dealing with an ‘account manager’; someone with little experience in the actual services being provided. Their job is to ‘sell’ you on the services. Once you are ‘sold’, you may never hear from that person again.
Next, they’ll send out one or two junior staff to deliver the services. By junior staff I mean someone with less than 10 - 15 years’ experience. Since they lack experience, (and by experience, I mean the kind of experience you get by being in the field for over 30 years), they’ll often take a ‘template’ approach to your situation. That is, they’ll try to make your situation fit into their template. It may or may not.
If anyone promises you that they can deliver what you need, without actually sitting down with you and having a detailed discussion, and without the persons who will actually be doing the work, well…let’s just say that isn’t your ideal situation.
Finally, due to their overhead, their fees tend to be exorbitant.
The bottom line? I can only work with a few clients at a time, because my clients get me personally. As much as I might like to work with many other companies, I simply can’t.
So, if you feel like this is right for you and your organization, click below and let’s talk.