Governance, Risk Management & Compliance

Bridgepoint Consulting assists organizations in building confidence, trust, and peace of mind through effective accountability. Whether your needs are enterprise-wide or narrowly focused on a particular facet, and whether you need a high-level assessment or a deep-dive process redesign and implementation, we have the experience and capabilities to guide you toward success.

Corporate Governance

The set of processes, customs, policies, laws and institutions affecting the way a corporation is directed, administered or controlled.

Risk Management

A coordinated set of efforts to anticipate and prevent, and to prepare for and respond to, events and situations that would have a negative impact on your goals, objectives and initiatives. It is not a once-and-done effort; rather, it is embedded throughout the ongoing business operations.

Compliance

The detailed activities that must be performed to achieve the governance objectives. Compliance does not just happen; it can be a complex recipe of requirements, processes and procedures to meet those requirements, operational discipline to consistently perform the procedures, and monitoring to ensure procedures are complete and accurate.

Diagnostics

Bridgepoint will review your current programs of Governance, Risk Management and Compliance (GRC) and compare them to leading industry benchmark practices to give you an assessment of how robust your programs are and of areas of potential enhancement. We understand that one size does not fit all, so we approach each company as a unique situation, and our assessment reflects this approach.

Strategy and Tactics

Bridgepoint will work with your organization to develop an overall strategic view of GRC. We will help you create a roadmap to achieve your strategic views, and assist you in creating the “nuts and bolts” action plans. We work with what you already have in place and identify enhancements which make sense in your situation.

Implementation

Bridgepoint will roll up its sleeves and work alongside your organization to implement your GRC programs. Whether it is project management, detailed process and procedure development, conducting audit procedures, or training and communication, we can help you move toward your goals.

We have successfully assisted our clients in the following GRC functions:

Enterprise Risk Management

  • Capabilities Assessment
  • Risk Assessment
  • Program Development & Implementation

Sarbanes-Oxley 404 Compliance

  • Assessment of Risks
  • Design of Controls
  • Test Effectiveness of Controls
  • Control Rationalization for Efficiency
  • Financial and IT Testing Support
  • Leveraging IT Capabilities

Internal Audit Outsourcing / Co-Sourcing

  • Governance & Strategy
  • Risk Assessment
  • Develop IA Audit Plans
  • Perform IA Projects
  • Audit Committee Reporting

IT Security

  • IT Security Assessment
  • PCI Self-assessment
  • SSAE 16 (SAS 70) Readiness
  • Business Continuity Planning / Disaster Recovery
  • User Access Review

IT Audit

  • IT Risk Assessment
  • General Controls Review
  • Application Specific Controls Review
  • Project Implementation Controls Review

Other GRC Functions

  • Board Level Education
  • Board Level Governance
  • Forensic Investigations
  • Segregation of Duties Studies
  • Delegation of Authority
  • IT Governance
  • Project Risk Assessment
  • Contract Compliance
  • Fraud Risk Assessment

Internal audit services are provided by our affiliate Smith, Patterson & Johnson PLLC, a certified public accounting firm.
