A risk assessment is the basis for an effective, internal audit strategy. It aims to anticipate where problems might occur, how likely they are to happen, and how company leaders can avoid, accept, share or transfer these risks. A well thought out strategy not only helps companies prioritize their internal audit efforts, but can also save money, avoid setbacks and help identify compliance needs for governmental regulations and laws.
The UHY Advisors methodology is based on the Committee of Sponsoring Organizations (COSO) framework. This voluntary, private sector organization is dedicated to improving the quality of financial reporting through business ethics, effective internal controls and corporate governance.
When Section 404 of the Sarbanes-Oxley Act of 2002 was implemented, the majority of public companies expanded their use of formal risk assessments. However, Sarbanes-Oxley applied only to public companies. Now, the AICPA's Auditing Standards Board (ASB) has issued eight Statements on Auditing Standards (SAS) that are referred to as “risk assessment standards” which relate to public, as well as private companies. Consequently, this additional focus on risk for external auditors has in turn resulted in increased attention from company management. We are available to help develop a risk assessment that will greatly enhance your internal strategy and contribute value to your organization.