Our clients range in size from a few million in revenue up to $100 million in revenue. Our experienced staff enables us to work with clients in all stages of growth.

Primarily because we provide additional resources and expertise that most companies cannot afford. Audit Liaison was created to fill the vast void that existed for small to medium-sized businesses who needed, first, compliance-effort support and that quickly grew into providing continuous information security support. Most of our staff started in one of the international accounting and/or consulting firms then moved into private enterprises after years of audit and consulting experience across a variety of industries.

The international audit and consulting firms of the world are, frankly, too expensive for rapidly growing companies and companies that aren’t growing but want to enhance their internal control environment and information security. We know this for a fact because we worked in those firms. Audit Liaison has tailored and implemented proven internal control and information security frameworks into a variety of enterprises across every industry. With that expertise, we have created a rate structure that is well below the large firms, and customized packages that substantially enhance small to medium size entities’ information security and internal controls.

Businesses concerned about their existing internal controls over system resources, data and financial reporting. It is difficult to convey the unique value of having individuals with both independent auditing experience as well as industry experience as the audited party.

Great! Many of our clients do. Already having the CSO in place reduces the amount of time you’ll need from our personnel. Regardless, we always collaborate with your team to determine where Audit Liaison can provide the most value. The question we collectively answer is: what expertise can Audit Liaison bring to the table for a project or on an, as needed, basis that we don’t have in-house?

Great! Many of our clients do. Already having an Internal Audit function in place reduces the amount of time you’ll need from our personnel. Regardless, we always collaborate with your team to determine where Audit Liaison can provide the most value. The question we collectively answer is: what expertise can Audit Liaison bring to the table for a project or on an, as needed, basis that we don’t have in-house?

Yes, we can. Audit Liaison creates risk-based internal audit functions that address both financial reporting and information security risks and controls. The Audit Liaison staff are all experienced auditors, therefore, they gain instant credibility within a client’s organization. Finally, Audit Liaison personnel will work with your existing or newly hired audit personnel to guide and enhance their audit skills.

In nearly every case, we’ve been able to accommodate new clients within 2 to 4 weeks. Our business model is built on providing interim support to clients. Therefore, our staff are rarely booked on clients for extended periods. We intentionally space our work out to allow client personnel to not get too far behind in their day-to-day responsibilities.

Your customers’ requests have changed because the compliance standards themselves changed with the SOC 1 and SOC 2 superseding the SAS 70 standard. In our view, the primary reasons that the SAS 70 was superseded are twofold: 1. The AICPA wanted Management to explicitly assert as to the design and operating effectiveness of its internal control environment, and 2. The auditor would not only have to opine on the specific controls as defined by Management but also the suitability of the criteria (measurement) used by Management to make its assertion. As a result, the control requirements for SOC 1 and SOC 2 compliance now more closely mirror the other compliance standards in their comprehensiveness.

It’s an excellent question and the one we get most often. Each of the compliance standards has specific requirements. The SOC 1 and SOC 2 requirements are still largely determined by the entity; however as noted above, the controls must be comprehensive enough that an independent auditor can positively opine on the overall internal control framework design and effectiveness.

In our experience, PCI and ISO 27001 preparation require additional time than the other standards. As a rough estimate, we can generally assist a Company to be ready for the point-in-time audits between 3 to 6 months. The period-of-time audits, such as SOC 1 and SOC 2 – Type 2 audits, require operating effectiveness of controls over an extended period of time (generally 6 months). Our 3 to 6-month timeframe still applies, but then you will have the additional period in which the internal controls must be operating continuously.

Unfortunately, every company is at risk for financial fraud and confidential data exfiltration. As we note in our Security Awareness training sessions with company personnel, external threats are now just as prevalent and nearly as financially damaging as insiders committing fraud have traditionally been.

A strong internal control structure, that is monitored by management, certainly helps. Audit Liaison provides management with the tools they need to reduce fraud risk on their own, or alternatively, we are engaged to investigate potential frauds. With regards to leakage of confidential data, again robust information security controls are extremely helpful. Likewise, the implementation of additional monitoring tools and risk-transference and mitigation strategies are very helpful to both prevent and reduce financial exposure if fraud occurs.

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.