Risk Assurance

Compared to other accounting firms, Frost is an entrepreneurial organization focused on identifying new and creative ways to deliver value to our clients. Here are some of the specialized services we provide:

Fraud Detection

If your company has a fraud occur, our forensic accountants can assist you in quantifying the fraud and designing processes to prevent future frauds. We also have a litigation support team that can serve as expert witnesses should you choose to prosecute.

Fraud Prevention

Internal controls can be costly to implement, but not employing them can be more costly if a fraud occurs. Our experienced team of forensic accountants can evaluate your processes and policies to assist you in developing internal controls based on assessed levels of fraud risk. We can also train your accountants to identify fraud indicators to prevent fraud before it occurs.

Technology Risk Assurance

Our Risk Assurance team offers a wide-range of technology risk management services designed to provide successful evaluation, review, monitoring and maintenance of your systems with minimal disruption to your daily operations. To navigate to a more detailed description of our Technology Risk Assurance services, click here.

Our suite of services includes: SSAE 16/Service Organization Controls (SOC)1 (we provide reviews of service organization controls over financial reporting); SOC Reports 2 & 3 (we provide reviews of service organization controls over the five AICPA Trust Service Principles: Confidentiality, Process Integrity, Availability, Security, and Privacy); General IT Assurance Services (we provide standalone services such as, penetration testing, vulnerability assessments, maturity evaluations and program development, and custom services as defined by the client); Critical Infrastructure (we assist entities in the adoption of the National Institute of Standards and Technology’s (NIST’s) newly released Critical Infrastructure Cybersecurity Framework); North American Electric Reliability Corporation (NERC), Critical Infrastructure Protection (CIP), related services (we offer services to help you conduct periodic evaluations of your CIP compliance program, establish mature controls and processes, mitigate identified issues, and resolve any findings with NERC or the Region’s on your behalf); and Food Defense and Process Risk Management (we offer services to assist you in mitigating both operational and technology related risks faced by your food processing or agricultural operations).

***Industry Sectors affected by the release of the new NIST (RMF) are as follows: Chemical, Commercial Facilities, Communications, Critical Manufacturing, Dams, Defense Industrial Base, Emergency Services, Energy, Financial Services, Food and Agriculture, Government Facilities, Health Care and Public Health, Information Technology, Nuclear Reactors, Materials and Waste, Transportation Systems, and Waste Water Systems.

Business Process Assessment

As your company grows and needs change, your processes should grow too. We can assist you in evaluating your current processes, to ensure your businesses goals and objectives are being met as effectively and efficiently as possible.

Data Analysis

Powerful tools, combined with years of analysis and audit experience, provide you with valuable insight for strategic and critical business thinking. Our team is comprised of IDEA experts, accountants and IT auditors who can help you identify what you need whether you’re looking for lost revenue or expanding the skills of your own audit department.

Internal Audit Risk Assessment and Audit Planning

An effective internal audit function begins with understanding your company’s greatest risks and opportunities. Our risk assurance team will create a risk profile which will serve as a base for developing an audit plan and allow management to control risks to achieve the organization’s goals and objectives. Our team can assist your company in establishing an internal audit function, manage a current internal audit function, or perform specific internal audit tests.

Agreed-Upon Procedures

If a complete SSAE 16 audit is not required, and you want a specific group of accounts, procedures or controls evaluated or reviewed, an ‘Agreed-Upon Procedures’ engagement may fit your needs. This can involve reviewing accounts, procedures or controls to evaluate their effectiveness or accuracy. Agreed-upon procedures engagements follow the process that you dictate. We add our auditing, accounting and risk services knowledge when needed to advise you on a specific or finite course of action.

Frost, PLLC SSAE 16