Internal Control Documentation & Evaluation

Internal Control Documentation & Evaluation2019-03-20T17:20:07+00:00

CRI’s internal controls team can help you score a win in the game of protecting your organization.

CRI’s internal controls team can help you score a win in the game of protecting your organization.
Many people assume that internal controls are as complicated as a “spread offense” in football. But internal controls are the basic blocking and tackling of an organization. Organizations can choose an offensive-minded approach to internal controls by proactively focusing on operational efficiencies. Or, they can focus on the defensive side, where they target the compliance and financial reporting aspects of controls to reduce and manage risk. Perhaps they may even decide to utilize a balanced attack of reducing risk and implementing efficiencies where appropriate.

CRI teams with you to provide internal control services that can document or evaluate current workflows, identify areas of high risk, evaluate duty segregation, and develop or assess formal policies. While evaluating internal controls is a systematic process, advisors who understand your industry can likely conduct a more efficient and comprehensive engagement, which will provide you with more overall value. Our CPAs have years of experience in working with a variety of specialized industries and addressing their unique situations. Whether you need to assess your current processes, perform an internal audit, or design new controls to rebound from a cyberattack, CRI can help you score a win in the game of protecting your organization.

Internal Controls that Every Business Should Have

Use of Fraud Warning Signs to Deter It

3 Internal Controls for Every Manufacturer and Distributor

Straight Talk

Translating technical jargon into a plain English “text.”

We seem to be taking longer to get our billing out and our payables paid.  Do you have any ideas regarding what might be causing that or ideas of how to help?


We can help. Well, we normally start with getting those existing documents—if available. Then, we will sit down with your team, inquire, observe, examine, or even re-perform some of the steps to get an understanding of what’s really going on. We call it a “walkthrough.”


Oh, so you “walk through” the process to see if what we say we do is what we actually do?


Exactly. This process also gives us the basis to update the documentation of your procedures and to provide recommendations for making your process more efficient and effective.


That sounds exactly like what we need: a fresh look and an update to the old documents. When can you start? What do you provide in the end?


How quickly can you get us those existing documents? 🙂 Seriously, we can start soon because we do this type of work all of the time. At the end of the project, we’ll provide you with updated manuals and recommendations for improving your procedures and controls.


I’m looking for those old documents now and will be in touch soon.


Client SNAPshot

CLIENT: Publicly traded, smaller reporting company

INDUSTRY: Insurance

SCOPE: Sarbanes-Oxley (SOX) engagements for eight years

SERVICE: Creating management’s initial assessment under SOX and ongoing testing

PROJECTS: Assisted management in building its management assessment – including information technology general controls (ITGC) – from scratch and provided ongoing testing

RETURNS: The client had no SOX experience and no internal audit department. We assisted in developing a plan to support management with meeting its assessment requirements under SOX 404(a). Additionally, over a period of two years, we trained their staff to absorb portions of the SOX testing to reduce their annual external SOX testing costs by approximately 60%.

60% external testing costs reduction

Solutions Simplified

Down-to-earth descriptions of our services.

Internal Control Documentation Documenting internal controls is a valuable exercise, whether for audit, regulatory, or management purposes. But often, the last thing people get around to doing is documenting their controls. CRI’s professionals can help you identify and document your controls –- especially your key controls. Let us help you get your controls under control.
Internal Control Evaluation Evaluating controls helps your management team identify controls that need to be added, changed, or even removed. However, many companies don’t possess the skills to perform this vital task, which may be necessary due to audit or regulatory requirements. And even companies that do possess the skills often find the process cumbersome and time-consuming. Our professionals can co-source or outsource the exercise – using our top-down, risk-based approach – to make it compliant, streamlined, timely, and cost-effective.
Sarbanes-Oxley Compliance Entities subject to Sarbanes-Oxley (SOX) are required to identify, document, and evaluate key internal controls. Filers and registrants that are required to perform the task know that it can be daunting. Our experience includes Fortune 100 companies down to smaller reporting companies. We can help you build your management assessment from scratch, as well as outsource or co-source your testing. Ask our experienced CPAs to help you keep your SOX up!

Contact Us