
Risk Advisory and Compliance

With the ever-changing regulatory landscape, implementing robust enterprise risk management and solid corporate governance programs is more important than ever. Taking necessary proactive precautions allows organizations to identify, manage, and avoid unnecessary risks or losses, ultimately boosting bottom-line profitability.

How Citrin Cooperman Can Help

We partner with companies of all sizes to minimize risk exposure and meet SOX compliance efficiently. Using our expertise in business risks and internal controls, we help assess risks, enhance controls, implement changes, and promote positive employee behavior.

Internal Audit

The Clearview team at Citrin Cooperman implements practical strategies to support internal audit functions across a wide array of industries. We have established a proven internal audit methodology that focuses on addressing and monitoring our clients' key business objectives and risks.


• Internal Audit Advisory
• Internal Audit Staff Augmentation
• External Quality Assessments (EQA)
• Business Process Design and Enhancement
• Pre- and Post-Acquisition Advisory
• Regulatory Compliance Audits

When you're ready to stand up a SOX program, we can help.

We provide full-service Sarbanes-Oxley solutions for companies of all sizes and maturity levels. Our approach is practical and leverages world-class technology solutions to ensure efficiency and effectiveness.


We provide:

• Sarbanes-Oxley Compliance
• Internal Controls Rationalization and Optimization
• Workiva Integrated Risk/Compliance
• Technology Implementation
• SOX Staff Augmentation
• Process Improvement and Enhancement
• Policy and Procedure Advisory and Development

Address your SOX readiness now and improve your SOX 404 compliance programs.

Achieving SOX 404 compliance requires time, careful planning, attention, and constant refinement. Before you commit to a full SOX program, you want to understand everything that will be required to stand up your SOX program.

With a SOX Readiness Assessment from the Clearview team, you will receive:


• Review of internal controls
• Analysis and recommendations
• Scope and projected costs

SOC Readiness & Audit

System and Organizational Controls (SOC) for Service Organizations reports are designed to help service organizations build trust and confidence in the service performed for other entities through a report by an independent CPA. Each type of SOC or Service Organizations report is designed to help service organizations meet specific user needs.


We help organizations with all aspects of SOC:


• Conduct SOC Readiness Assessments

• SOC Program Design and Implementation

• SOC Testing and Report Issuance for all types of SOC Reports

 

SOC 1

Report on controls relevant to user entities' internal control over financial reporting (ICFR).

SOC 2

Report on detailed study of controls related to security, availability, data integrity, confidentiality, or privacy.

SOC 3

Report on trust service standards in a general use context for broad audience comprehension.

IT Audit and Compliance

With a comprehensive IT Audit or IT Risk Assessment, you will receive a thorough review of your IT internal control programs, processes, and infrastructure, and identify opportunities for improvement.


• IT Audit Co-Source and Full Outsource

• IT Risk and Government Assessments

• IT SOX and Regulatory Program Design and Implementation

• Cybersecurity Risk and Best Practice Assessments

Environmental, Social, and Governance

Our team of experienced ESG professionals has a deep understanding of the ESG landscape and the challenges that organizations face. We are deeply committed to helping you achieve your ESG goals and make a positive impact on the world.

How we can help:


• CSRD Compliance Advisory

• ESG Report Consulting

• Framework/GAP Assessment

• ESG Reporting Validation

• Carbon Accounting

• Materiality Assessment

• Industry Rating


Enterprise Risk Management

By understanding the risks specific to your organization, we can help improve your company's risk management functions by implementing proven methodologies that address high and emerging risk areas. Our ERM consulting services provide: 

• ERM Program Advisory

• Enterprise Risk Assessments

• Fraud Risk Assessments

• Fraud Detection and Prevention

Workiva Solutions

Improve efficiencies with the Clearview team’s Workiva Solutions and solve your most daunting reporting and compliance challenges.

Build Custom Solutions on the Workiva Platform

Having used Workiva to solve our own reporting challenges, we are passionate about using Workiva’s powerful platform to create purpose-built solutions tailored to help clients achieve their unique goals.

We provide implementation, consulting, and custom solutions for Financial Reporting, GRC, ESG, and many others.

• Financial Reporting

• Environmental, Social & Governance

• Global Statutory Reporting

• Governance, Risk and Compliance

• Management Reporting

• SEC Reporting

• SOX Compliance

• Enterprise Risk Management

White Glove Implementation

When you engage with us for a Workiva project, you gain an entire team to guide you every step of the way. Our white-glove implementation employs on-shore resources to fulfill the entire scope of our delivery.

• The Clearview team’s Project Manager will track the scope, timeline, and overall status of the project.

• The Clearview team’s Partner will oversee the relationship with your company and be accountable for your overall satisfaction.

• Our Solution Architects will design and develop the functional solution for your team within the Workiva platform.

• The Engagement Lead will perform the day-to-day delivery of your implementation project.

Additional Risk Advisory and Compliance Services

Cybersecurity Assessment

Understand your exposure to a cyber-attack before it happens with our Security, Compliance, and Operations Risk Evaluation (SCORE) Report. This high-level risk assessment is designed for small to mid-sized companies and evaluates several key areas of your company’s technology and compliance environment, including:

• IT operations
• Physical and logistical security
• Mobile device recovery
• Network security
• Online security
• Data privacy and security compliance
• System and hardware controls

Know where your most significant risks exist, so you can create and implement solutions to protect your company and your data. Through interviews with key members of your IT and management team, the SCORE Report will provide you with a de facto roadmap, prioritizing your most significant areas of concern and providing a remediation plan that is designed to be easily understood by executive management and your IT team.


Compliance and Frameworks

Trust the dedicated professionals experienced in navigating the ever-changing landscape of privacy and cybersecurity regulations to help you meet your regulatory responsibilities.

PCI

If you are a merchant that processes payment cards or a service provider that affects the security of payment cards, we can help guide you towards meeting the strict requirements of the Payment Card Industry Data Security Standard (PCI DSS).

HIPAA

If you maintain protected health information (PHI) for your customers, you are required to meet the imposing obligations of the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH).

CMMC

If you are a company doing business with the Department of Defense (DoD) and are required to gain a certificate from a third-party auditor for Cybersecurity Maturity Model Certification (CMMC), we can help guide you through the strict requirements of CMMC. Whether you need a Security Risk Assessment (SRA), Plan of Action (POA), System Security Plan (SSP), assistance with remediating gaps, or a future Assessor (C3PAO) to perform the audit for your certification, we are here to help. 

Additional Services

• GDPR
• NIST
• GLBA
• Third-Party Assurance - SSAE18 (SOC 1, 2, 3, Cybersecurity)
