Quick Links

Legal & Sitemap

Home > Services > Consulting > Governance, Risk and Compliance

Governance, Risk and Compliance


In today's ever-expanding and shifting business environment, standards change, pronouncements are issued and best practices warrant well-versed resources to meet the evolving requirements. Armanino can assist with such services as SOX, Enterprise Risk Management (ERM), Internal Audits and more.

Sarbanes-Oxley Act (SOX) Compliance

Let’s face it. Everyone thought SOX was routine. Assess risks, define controls, test controls. Wash, Rinse, Repeat.


Internal Audit

Countless years of of experience with operational and financial auditing, both in the US and internationally, have sharpened our auditing skills to the benefit of our clients. For many organizations, Internal Audit is a requisite element of the control environment. With the help of Armanino, the Internal Audit function can be upgraded to provide greater efficiencies with a positive effect to the bottom line. 


Enterprise Risk Management

Risk often rises in tandem with change. For example, when external certifications are needed to promote business competency, a new business venture is pursued, special projects arise, or a key accounting, IT, or finance professional becomes unavailable for extended periods, an enterprise lacking in ERM can become vulnerable. 


SOC Compliance

The standard for outsourced processes includes three separate types of Service Organization Control (SOC) reports that address assurance for service organizations. For each type of SOC report, there is an accepted professional standard under which the audit will be performed. This allows for a common nomenclature when referring to reports going forward while allowing for a more frequent update of the professional standards.



Is your network open to attack? Are you running unpatched applications? Are you up-to-date on the continual barrage of hackers? If you answered "No" or "I don't know" to any of these questions, your network is fair game. New holes in security are discovered and then immediately exploited to compromise networks around the world. Today's "secure" network is tomorrow's easy target. 


Business Continuity

A significant, sustained interruption of enterprise operations or information flow will have an adverse effect upon an organization. Developing a sound business continuity plan is crucial to preventing even a minor disruption from snowballing into a business catastrophe. An effective process model may prevent the emergence of a crisis. 


Internal Controls

Strong internal controls are a good business practice for all organizations, whether or not they are required to comply with Sarbanes-Oxley (SOX).  Armanino’s internal control specialists work with a wide range of public and private companies to create more effective internal control structures and improve operations.