Risk Assurance & Advisory

Regulatory compliance requirements, data risk mitigation and internal controls can feel like constantly shifting sands.
Risk Assurance & Advisory
Client Service

We Will Help Your Finance Team and Board of Directors Sleep Better at Night

Knowing that controls and monitoring programs are in place that align with your strategic goals.

Assist Your Organization With a Variety of Risk Assurance and Advisory Services

SOC Audit & SOC Compliance

Armanino has extensive experience with Type 1 and Type 2 SOC reports to fulfill all your SOC audit and SOC compliance needs.

SOC Reporting Compliance

Sarbanes-Oxley Act (SOX) Compliance

Armanino brings a unique approach to SOX compliance that provides you with a competitive edge and sets us apart from other service providers.

SOX Compliance

Third-Party Assurance/Vendor Risk Management

Clients want assurance that their vendors are protecting their data and assets with effective, secure third-party controls and risk management. Armanino is a leading provider of third-party assurance and vendor risk management services.

Third-Party Assurance

Cybersecurity Services

All companies―regardless of size or industry―face a very real risk of cyberattack. Today’s executives need to think seriously about cybersecurity and what they are doing to protect themselves, their organizations and their customers .


Privacy Services

At Armanino, our consumer data privacy experts provide a range of solutions designed to help business leaders combat the quickly changing landscape of privacy and breach notification laws, and maintain compliance with new regulations.

Data Privacy

GDPR and The CA Consumer Privacy Act
GDPR and The CA Consumer Privacy Act
Scrutiny of the way organizations manage consumers’ data privacy rights has never been higher. Our experts help you navigate these new data privacy regulations.

Enterprise Risk Management

Risk often rises in tandem with change. An enterprise lacking in enterprise risk management (ERM) can become vulnerable, for example, when external certifications are needed to promote business competency, the organization is pursuing a new business venture, special projects arise, or a key accounting, IT or finance professional becomes unavailable for extended periods.

Being inadequately prepared for these events can lead to deteriorating financial performance, lost business opportunities, or even misrepresentations in financial statements.

At Armanino, our ERM framework centers on aligning risk management with enterprise objectives for long-term sustainability. This requires implementing a practical approach to enterprise risk control, one that is integrated with existing management processes, to:

  • Provide an enterprise-wide view of risk
  • Improve information for decision-making
  • Reduce costly surprises
  • Rationalize the cost of risk management
  • Contribute to long-term value creation and protection

Our subject matter experts in financial, operational and technological risks work with clients to design a cost-effective process with supporting policies to address specific risks, identify mitigating strategies, evaluate technology solutions for reliable reporting and monitoring, and implement the process successfully over time.

We concentrate on the appropriate business areas as efficiently and effectively as possible, creating customized risk models to help provide enterprise risk control throughout an organization.

Armed with a comprehensive and strategic assessment of their risk universe, our clients are well-positioned to evaluate how best to manage their business risks.

HITRUST Certification Services

Armanino employs a team of compliance experts who are certified to provide HITRUST CSF assessments on your behalf. Our approach is to optimize your control programs and gain efficiencies for our clients by coordinating HITRUST and SOC controls where possible.

HITRUST Certification →

Internal Audit

In an environment of increased risks ranging from misappropriation of funds to cyberattacks, strong internal controls have become a critical business practice for all companies, whether or not they are required to comply with Sarbanes-Oxley (SOX). Our internal audit specialists work with a wide variety of organizations to create more effective internal control structures and improve their operations.

Internal Audit →

ISO 27001

Armanino’s expertise in managing a broad array of risk management and certification programs for clients ensures that you will benefit from a cost-effective approach to ISO 27001

ISO 27001 →

Contract Compliance Audits

Armanino’s contract compliance audit professionals are experienced in serving a variety of our firms' clients in areas such as royalties, licensing, distribution agreements, advertising, digital content and more.

Contract Compliance Audits →

Business Continuity Planning & Management

A significant, sustained interruption of enterprise operations or information flow will have an adverse effect on any organization. Developing a sound business continuity and disaster recovery plan is crucial to preventing even a minor disruption from snowballing into a business catastrophe. An effective process model may prevent the emergence of a crisis.

Our Business Continuity Management team has deep experience in business continuity planning and understands the importance of complying with regulatory requirements and fiduciary responsibilities to avoid potential penalties and litigation.

We assist clients in identifying critical business processes and exploring strategies that include a process-oriented approach that incorporates a business impact analysis (BIA), a risk assessment, risk management and risk monitoring.

Our experts will help you build a strong business continuity plan that maps out an organizational structure with distinct roles and responsibilities and generates well-documented plans, including information technology, business relocation, manual workarounds and data restoration features.

Our Risk Assurance Experts
Liam Collins - Partner, Audit - San Francisco CA | Armanino
Liam has more than 18 years of assurance and consulting experience, including 10 years with Big Four firms. He leads th...
Todd Bishop - Risk Assurance & Advisory Services| Armanino
Todd is a partner in the Risk Assurance & Advisory practice, where he helps lead the firm’s internal audit, S...
Patrick Hall - Partner, Audit - San Ramon CA | Armanino
Patrick is a partner in the Risk Assurance & Advisory practice leading the firm’s SOC and HITRUST practices.
News, Tips & Insights
Getting on the SPAC Track:  2021 Outlook
We’ve been through it - and we’ve got a few learnings to share about SPAC transactions!

February 18, 2021 | 10:00 AM - 11:00 AM PST
Enable sales growth with SOC automation, speed and preparedness.

February 3, 2021 | 11:00 AM - 12:00 PM PST
Celebrate Data Privacy Day One Day Early to Help You Stay One Step Ahead.

January 27, 2021 | 11:00 AM – 12:00 PM PST
Need to Talk?

We're Here For You

If you have any questions or just want to reach out to one of our experts, use the form and we'll get back to you promptly.