Major corporate failures have been in the business news headlines for some time. Restatements of reported financial information
and financial fraud have shaken the foundation of American business.
Government actions to address the problems have included the passage of the Sarbanes-Oxley Act, enhanced Securities and Exchange Commission
scrutiny, establishment of the Public Company Accounting Oversight Board, Justice Department indictments, congressional investigations and
actions by the states to review and revise regulations. More action and regulations are sure to follow.
These issues do not apply only to public companies. The changes have increased the expectations on management and boards of directors of
privately held companies, governmental entities and non-profit organizations. Blum Shapiro Consulting has a strategic focus on assisting
you with the new regulations and expectations that have been thrust upon you.
Process Controls and Risk Assessment - In the new rules, special emphasis is placed on accountability for internal
controls and risk management practices. Blum Shapiro Consulting can help you understand the weaknesses of your internal controls,
then create a roadmap for improvement that links internal controls with corporate governance. Some of our Process Controls and Risk
Assessment services are:
- Internal Control Assessment - At Blum Shapiro we have developed documentation and testing approaches for the internal control environment that identify the strengths and weaknesses of current controls and processes. This provides you with the insight to focus on risk areas and proactively assure directors and shareholders. We help to refine and revise the current processes and procedures.
- Assessment of Business Risks - We facilitate sessions with your organization's executive management, board and other personnel to identify, assess and evaluate key business risks. Our in-depth review and report quantifies the information gathered from these sessions including a discussion of existing controls to mitigate the major risks. This risk assessment provides a plan for your ongoing monitoring and review of your company's internal control processes.
- The Gramm-Leach-Bliley Act Compliance - The Gramm-Leach-Bliley Act (GLBA) Data Protection Rule requires organizations in various industries (e.g. banks, financial institutions, automobile dealerships) to implement and maintain an Information Security Program designed to ensure the security and confidentiality of customer information. This includes the following customer information:
- Bank and credit card account numbers
- Income and credit histories
- Social security numbers
In addition, this act requires the regular confirmation and testing of the Program to ensure that the controls implemented function
as expected.
Key elements to an effective Information Security Program address key controls over critical IT operational areas, including:
- Network and software design and management
- Data security and access management
- Data storage, transmission and retrieval
- Virus protection and prevention
- Intrusion detection and response
- Staff awareness and training
Blum Shapiro Consulting is aware of the challenges that the GLBA Data Protection Rule can pose to a company. Our Certified Information
Systems Auditors can identify the exposures your company faces and how those risks can be effectively addressed by:
- Confirming and testing that proper network and application controls are in place
- Evaluating data backup and virus protection procedures
- Assessing the physical controls over critical hardware and network components
- Determining that internal and remote access controls are protecting data assets
- Reviewing current information systems' policies, procedures and practices
Our goal is to provide clients with realistic solutions that will ensure compliance with the requirements of the GLBA.
- HIPAA Compliance - The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires that a covered entity (health plans, health care clearing houses and certain health care providers) assure that the integrity, confidentiality and availability of the electronic health information they collect, maintain, use or transmit is protected. Unfortunately, many organizations are unclear about how to attack this problem.
Blum Shapiro Consulting understands the compliance issues related to HIPAA, and has developed security compliance programs to help organizations implement security standards that support the four major areas where controls and monitoring procedures must be put into place.
- Administrative Safeguards
- Physical Safeguards
- Technical Safeguards
- Organizational Requirements
Within each of these areas, there are a multitude of sub-elements and standards that need to be created. To enhance the implementation process, it is important to synthesize and summarize all of these elements into manageable steps. Blum Shapiro Consulting can help you link the little pieces with the big picture and give you confidence that your information is secure and your controls and procedures are in compliance with HIPAA regulations.
Sarbanes-Oxley and Corporate Governance - The dialogue among stakeholders, audit committees and the regulatory
authorities on the role and performance of corporate governance has never been more robust or candid. While there are many new
requirements to be addressed, boards aren't simply looking to comply with minimum requirements. Directors must understand these
issues, both financial and non-financial; therefore, a comprehensive continuing education program for boards and their key committees
is crucial. This is particularly true for the audit committee, which must have a deep understanding of the company's accounting and
financial reporting issues in order to meet its expanding responsibilities. Blum Shapiro helps you improve corporate governance and
security with the following services:
- Sarbanes-Oxley compliance - Our team assists you in complying with both the Section 302, Officer Certification, and Section 404, Management Assessment of Internal Controls aspects of Sarbanes-Oxley. We work with your financial statement auditor to enable the attestation to management's assessment of the control environment. Our clearly independent role eliminates any perception of conflicts.
- Corporate compliance - Blum Shapiro Consulting assists companies with the developmental, operational and monitoring phases of their overall corporate compliance program policies and procedures.
- Outsourcing of internal audit function - We act as an internal audit function for both public and private companies and assist in the development of an annual audit plan and performance of the various audits.
Computer Forensics - Computer forensics is commonly defined as the collection, preservation, analysis, and
court presentation of computer-related evidence. Courts mandate the proper seizure and analysis of computer evidence in any
investigation where a computer is the means or an instrument of a crime or other offense or may contain evidence relevant to a
criminal or civil litigation matter. The rising tide of computer-related intellectual property theft, security breaches, and associated
financial losses mandates that information security administrators conduct or oversee proper computer forensic investigations when
responding to these incidents.
Blum Shapiro Consulting has computer incident response procedures that include proper computer forensics protocol to secure,
recover, and authenticate relevant computer evidence in order to facilitate its admission into a court of law. Our collection and
analysis of computer evidence significantly advances criminal investigations, civil litigation matters, and corporate internal
investigations, helping you find the "smoking gun".
Town Revenue Enhancement - Towns routinely allow millions of dollars of valid and legal tax revenues to go uncollected.
This is the result of disconnects and leakage between the assessment and collection of property tax. Some key drivers of this
leakage are:
- Limited controls exist within and between P&Z, Assessor and Tax Collector impacting processing of permits
- Current processes are not documented and/or followed by staff
- Some permits are not entered into the CAMA/Assessors systems
Blum Shapiro Consulting enables towns to harness their full revenue generating power by performing an operational assessment of the
people, processes, and technology that drive property tax. Our consultants are experts in this field and will provide you
recommendations that will uncover new funds and ensure future assessment and collection activities capture every dollar.
Call us to learn more
Our Sarbanes-Oxley and Corporate Governance Services are customized to your organization's needs. We would welcome the opportunity
to talk with you about how our Sarbanes-Oxley and Corporate Governance Services can help to augment your controls environment to
provide more security and protection.
Jeff Ziplow
Blum Shapiro Consulting
29 South Main Street
P.O. Box 272000
West Hartford, CT 06127-2000
860-561-4000
jziplow@blumshapiro.com