Skip to main content
Rehmann
Pay Bill
Rehmann
Solutions
Audit and AssuranceConsultingFinance and AccountingTaxTechnology ServicesWealth Management View all solutions
No matter the organizational need, our experienced and focused team is ready and eager to help. We invite you to put our expertise to work.
Series: Thriving with AI
Webinar
Series: Thriving with AI
Update: Corporate Transparency Act Reporting Requirements
Article
Update: Corporate Transparency Act Reporting Requirements
Industries
CannabisConstructionFinancial ServicesHealthcareManufacturingPublic SectorPrivate Equity View industries we serve
We understand where you’re coming from. Rehmann professionals provide expertise in a wide range of industries to help you address challenges and seize opportunities.
Resources
ArticlesGuidesPodcastsWebinars View all resources
Our team is focused on helping clients through consultation and connection. We’re also dedicated to sharing our knowledge and insights. Feel free to browse our wealth of information.
Series: Thriving with AI
Webinar
Series: Thriving with AI
Navigating Cyber: Be Equipped to Face Today’s Cybersecurity Landscape
Article
Navigating Cyber: Be Equipped to Face Today’s Cybersecurity Landscape
About Us
Who We AreLocationsNewsThe Rehmann TeamEventsThe Rehmann Foundation
Our mission is to bring energy, focus, and integrity to every interaction — relentlessly pursuing expertise to accelerate our clients’ and associates’ goals. Take a look at the world of Rehmann.
Solutions  >  Consulting

Risk Advisory Services

Enterprise Risk ManagementInternal AuditSOX and Internal ControlsIT AuditsVulnerability Assessments & Penetration TestingCompliance

Are you looking to mitigate risk?

At Rehmann, we work with clients of all sizes providing a depth of experience and best practices to manage risk. Our risk advisory services include:

Enterprise Risk Management

Organizations must effectively manage risk. All relevant risks and the potential likelihood and impact should be considered. If your entity is looking to gain better insight into Enterprise Risk Management (“ERM”), Rehmann can assist with our team of experienced professionals.  We can provide value by:

  • Performing an enterprise risk assessment
  • Assisting management with prioritizing risks
  • Providing recommendations for enhanced governance
  • Improving processes and controls to respond to your changing risk landscape
  • Conducting ERM awareness training

Internal Audit

Whether your organization has an established internal audit (“IA”) function or is assessing the need to perform audits, Rehmann can assist. We serve organizations of all sizes including private companies, public companies including Fortune 500 SEC registrants, and public sector entities.  Each solution is tailored to your entity’s specific risk profile and focuses on the three core elements of IA: assurance, insight and objectivity.

Our experienced team of professionals is prepared to assist your organization in the following areas:

  • Performing a comprehensive risk assessment
  • Consulting on processes and controls
  • Development of audit programs
  • Documentation and testing of processes and internal controls
  • Audit Committee education
  • Quality assurance reviews

SOX and Internal Controls

The integrity of your financial reporting is only as strong as your internal controls (“ICFR”). A solid internal control system ensures more reliable financial data, which can help companies prevent, detect, and correct costly financial misstatements — and minimize the potential for fraud.

Our team of professionals is experienced with Sarbanes-Oxley 404 (“SOX”) and Federal Deposit Insurance Corporation Improvement Act of 1991 (“FDICIA”) requirements. We serve organizations of all sizes private companies, public companies including Fortune 500 SEC registrants, and public sector entities. We customize our approach to ensure alignment with expectations from internal stakeholders (e.g. C-Suite, Audit Committee, Internal Audit) and external stakeholders (e.g. External Auditors, Shareholders) as applicable.

Our professionals have specialization across a variety of industries and are experienced in understanding complex information systems and organizational structures which makes us better able to develop solutions to even the most nuanced challenges our clients face including mergers and acquisitions, new system implementations, and new accounting standards. We are prepared to assist you in the following areas:

  • Initial implementation of SOX 404 or FDICIA
  • Development of process and control documentation
  • Internal control design and operational effectiveness testing
  • Control remediation
  • Program management organization assistance
  • ICFR training programs

IT Audits

We can perform IT internal audits to test the effectiveness of your controls or assess your existing IT environment and provide recommendations for improvement.  We  assess the security environment against industry standards, including policies, security, access control, data integrity, continuity plans, and more to help you better understand your IT landscape and how it can be further strengthened. Get a comprehensive evaluation of your environment that covers:

  • Information Security Program
  • Logical Access Processes
  • Access Review Processes
  • Access Administration Processes
  • Password Settings
  • Network Architecture
  • Security Log Monitoring
  • Antivirus Implementation
  • Mobile Device Administration Processes
  • Backup Processes
  • Physical Security
  • Change/Patch Management
  • Contingency Planning/Disaster Recovery

Vulnerability Assessments and Penetration Testing

Helping you identify technology risks to secure your environment

Our vulnerability professionals identify security risks associated with your systems — and create strategies to eliminate them. We perform reconnaissance on your environment, scan for vulnerabilities, and simulate actual attacks to help identify potential security weaknesses through external, internal, and wireless vulnerability and penetration, and web application tests.

Social engineering tests that assess susceptibility

Is your organization security aware? Our multifaceted social engineering tests will tell you. We use email, phone, and in-person efforts to determine your vulnerabilities.

Cybersecurity assessments

Learn more about our cybersecurity assessments here.

Contact Jessica Dore for IT related advisory services.

Contact Jessica

 

Compliance

Our Compliance Risk professionals provide industry-related expertise specific to the ever-changing regulatory environment.  Our experienced team is prepared to assist you with regulatory compliance across multiple industries.  Refer to the industries we serve for more information.

Featured Risk Advisory Services Resources

Artificial Intelligence Risk Management Considerations
Article
Artificial Intelligence Risk Management Considerations
See all Risk Advisory Services resources

We’re here to help.

Just send us a note and we’ll do our best to get back to you as quickly as possible.

Heidi Cieslik, CPA, MBA

Principal, Risk Advisory Services

248.952.5000

"*" indicates required fields