-
Financial statements audits
Financial statement audits
-
Compliance audits
Compliance audits
-
Compilations and reviews
Compilations and audit
-
Agreed-upon procedures
Agreed-upon procedures
-
Corporate and business tax
Our trusted teams can prepare corporate tax files and ruling requests, support you with deferrals, accounting procedures and legitimate tax benefits.
-
International tax
Our teams have in-depth knowledge of the relationship between domestic and international tax laws.
-
Tax compliance
Business Tax
-
Individual taxes
Individual taxes
-
Estate and succession planning
Estate and succession planning
-
Global mobility services
Through our global organisation of member firms, we support both companies and individuals, providing insightful solutions to minimise the tax burden for both parties.
-
Sales and use tax and indirect taxes
SUT/ VAT & indirect taxes
-
Tax incentives program
Tax incentives program
-
Transfer Pricing Study
The laws surrounding transfer pricing are becoming ever more complex, as tax affairs of multinational companies are facing scrutiny from media, regulators and the public
-
Business consulting
Our business consulting services can help you improve your operational performance and productivity, adding value throughout your growth life cycle.
-
Forensic and investigative services
At Grant Thornton, we have a wealth of knowledge in forensic services and can support you with issues such as dispute resolution, fraud and insurance claims.
-
Fraud and investigations
The commercial landscape is changing fast. An ever more regulated environment means organizations today must adopt stringent governance and compliance processes. As business has become global, organizations need to adapt to deal with multi-jurisdictional investigations, litigation, and dispute resolution, address the threat of cyber-attack and at the same time protect the organization’s value.
-
Dispute resolutions
Our independent experts are experienced in advising on civil and criminal matters involving contract breaches, partnership disputes, auditor negligence, shareholder disputes and company valuations, disputes for corporates, the public sector and individuals. We act in all forms of dispute resolution, including litigation, arbitration, and mediation.
-
Business risk services
We can help you identify, understand and manage potential risks to safeguard your business and comply with regulatory requirements.
-
Internal audit
We work with our clients to assess their corporate level risk, identify areas of greatest risk and develop appropriate work plans and audit programs to mitigate these risks.
-
Service organization reports
As a service organization, you know how important it is to produce a report for your customers and their auditors that instills confidence and enhances their trust in your services. Grant Thornton Advisory professionals can help you determine which report(s) will satisfy your customers’ needs and provide relevant information to your customers and customers’ auditors that will be a business benefit to you.
-
Transactional advisory services
Transactions are significant events in the life of a business – a successful deal that can have a lasting impact on the future shape of the organizations involved. Because the stakes are high for both buyers and sellers, experience, determination and pragmatism are required to bring deals safely through to conclusion.
-
Mergers and acquisitions
Globalization and company growth ambitions are driving an increase in M&A activity worldwide as businesses look to establish a footprint in countries beyond their own. Even within their own regions, many businesses feel the pressure to acquire in order to establish a strategic presence in new markets, such as those being created by rapid technological innovation.
-
Valuations
We can support you throughout the transaction process – helping achieve the best possible outcome at the point of the transaction and in the longer term.
-
Recovery and reorganization
We provide a wide range of services to recovery and reorganisation professionals, companies and their stakeholders.
Internal audit can play a crucial role in helping to discover business continuity plan weaknesses and assist in providing guidance to revise and upgrade recovery strategies and plans to protect operations against future disruptions.
Developing a sound business continuity plan involves four key steps:
- identifying emerging threats and developing response methods
- examining internal audit focus areas, including a thorough understanding of an organization’s operational objectives, risks, and processes
- assessing an organization’s current continuity program in terms of people, process, and technology
- integrating program enhancements to prepare for inevitable risks
Identifying and responding to threats
Under COVID, organizations have had to respond and adapt to a variety of challenges, including changing work environments, an increasingly competitive landscape, volatile financial markets, disrupted supply chains, internet glitches and a divided and political environment. All these elements exposed out-of-date and untested incident response and business continuity plans.
A strong plan contains the following elements:
- good governance, including leadership, involved decision-making and appropriate escalation
- up-to-date and well-tested public relations policies, with key issues decided in advance, and planned responses and media releases
- crisis preparedness: updated plans integrated with change management that have been rehearsed and tested
- quantifying risk and mitigation effectiveness that justifies investment
- metric and reporting that enables executives to make informed decisions on business continuity funding
Internal audit’s role
Internal audit provides a thorough understanding of an organization, including its strategic goals and objectives, its risks and critical business operations, and the strategies and processes for recovery. It can contribute a lot to business continuity management (BCM).
A sound BCM program should:
- align with strategic goals and objectives, including enterprise risk management (ERM), which identifies risks to strategic objectives and competitive opportunities
- Identify critical business operations and processes, and develop safeguards for employees, customers, products, and services from disruptions
- Develop response and recovery plans and incorporate proactive measures to mitigate disruptive events
- Test and evaluate response and recovery capabilities
Internal audit also provides insights into management’s ability to manage and control risks, disaster recovery and crisis management. Internal audit’s independence provides objectivity, it understands trends and behaviors, it identifies areas of improvement and provides transparency to management for handling risks related to continuity and resiliency.
Business continuity risks frequently fall into these categories:
- people. An organization needs to address the risks from a loss of critical staff and processes that are dependent on a third-party supplier.
- process. An organizational process should align with ERM objectives. It should manage risk of a deviation from consistent processes. And it should adopt a change management process.
- technology. An organization should address strategies for data protection. It also should address risks that protect against high redundancy levels in telecommunications infrastructure.
Authoritative frameworks
As internal audit leaders look for guidance on how to best assess the strength and maturity of their organization’s Business Continuity Program against the inevitable risk of business disruption, they can often look to standard frameworks for business continuity management and choose the standards that best align with its industry.
The Federal Financial Institutions Examination Council offers a BCM handbook, the International Organization for Standardization, and the International Electrotechnical Commission (ISO/IEC) provides security and resilience with BCM, and the National Institute of Standards and Technology offers a contingency planning guide for IT systems. An organization may combine these standards to best align with its operations. These frameworks have become particularly effective in addressing cybersecurity threats, which have only grown exponentially over the years.
A 360-degree view of risk
While business continuity planning is designed to anticipate future risk, it also can be valuable to examine the past to identify events and incidents that disrupted operations, from power outages and cyber-attacks to severe weather.
Source:
Grant Thornton library articles: Business continuity plans go better with internal audit
