Internal Audit

McKonly & Asbury (M&A) Internal Audit (IA) has been meeting our client’s needs for over twenty years. We specialize in assessment of internal controls following The Institute of Internal Auditors International Professional Practices Framework (IPPF), and Generally Accepted Government Auditing Standards (Yellow Book). We have experience applying multiple internal control and information security frameworks. These include The Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Control—Integrated Framework 2013 (ICIF-2013), Standards for Internal Control in the Federal Government (Green Book), National Institute of Standards and Technology Special Publication 800-53 (NIST SP 800-53) Security and Privacy Controls for Federal Information Systems and Organizations, NIST Cybersecurity Framework (CSF), Control Objectives for Information and Related Technologies (COBIT), Office of Management and Budget Circular A-123 Management’s Responsibility for Enterprise Risk Management and Internal Control (OMB Circular A-123), Federal Information Security Modernization Act of 2014 (FISMA) and Inspector General (IG) FISMA Metrics.

IA has certified professionals who provide consulting and outsourced services. Our professionals’ certifications include Certified Internal Auditors (CIA), Certified Information Systems Auditors (CISA), Certified in Risk Management Assurance (CRMA), Certified in Risk and Information Controls (CRISC), Certified Fraud Examiner (CFE), and IA Quality Assessor (qAC).

When you select M&A IA, we come along side of you to bridge your skill and independence gaps. We provide risk-based services and will perform the work or provide guidance and training. We provide skilled consultants who are knowledgeable in internal audit standards, regulatory compliance requirements, financial, information technology and operational processes and internal controls. M&A does not provide a one size fits all solution. We work with you to assess your needs from a risk-based perspective. As appropriate, our skilled and certified professionals provide services, training and knowledge transfer to meet the unique needs of your organization. IA provides effective and efficient internal audit services that meet or exceed the services provided by larger firms. As a member of the Prime Global Association of Advisory and Accounting Firms (PrimeGlobal), M&A has access to professionals with a large variety of specializations and locations worldwide.

IA provides a wide range of Internal Audit, risk management and consulting services. We perform the work to meet management’s objectives, which may include organizational and/or regulatory requirements. Our services include:

• Sarbanes Oxley Section 404 (SOX)
• Model Audit Rule (MAR)
• COSO 2013 Internal Control Integrated Framework
• IIA External Quality Assessment
• Information Technology/Security Risk Assessments/Audits
• National Institute of Standards and Technology (NIST)
• Federal Information Security Modernization Act (FISMA)
• Social and Labor Audits
• OMB Circular A-123 Management’s Responsibility for Enterprise Risk Management and Internal Control
• Green Book Standards for Internal Control in the Federal Government
• Performance Audits (Yellow Book)
• Operational Risk Assessments/Audits
• Chief Internal Audit Executive
• Business Ethics Audits
• Internal Audit Outsourcing/Co-sourcing