Risk Assurance and Advisory

Mitigate Risk and Maximize Opportunities in a Tech-Driven Business Landscape

Today’s technology-driven society has changed the landscape on how companies operate, how they serve and communicate with customers, and how they are expected to adapt to the ever-changing regulatory and compliance environment.  Wherever you may be in the continuum of your IT challenges, we can help.  A risk-management strategy and strong controls framework are the building blocks to ensure corporate governance across the people, processes and technology for both compliance and corporate governance purposes. Windham Brannon’s Risk Assurance and Advisory Services professionals are seasoned practitioners with decades of experience in performing both information assurance and risk advisory services such as SOC examinations, HIPAA security reviews, business process reviews, SOX 404 assistance, internal audit co-sourcing and software selections. We leverage our combined years of experience to serve clients ranging from Fortune 1000 to technology start-ups and ranging across a myriad of industries.


Our Risk Assurance and Advisory Services professionals are seasoned practitioners in the vast and complex IT world.

Dean Flores
Principal, Advisory, Risk Assurance and Advisory Services Leader

Phone: 678-510-2820


Read More

Rarely if ever do we come across a company that has no room for improvement in business processes. Companies that want a competitive edge, improved operational performance, and lower costs can benefit from business process improvement consulting. Our BPI consulting team will assess, document, and present findings related to processes and workflows with regard to risk and internal control considerations. The result is a leaner, more agile organization better equipped to respond to changing needs.

Internal controls, processes, and procedures rarely operate at optimum levels. In any company, there is room to improve risk management and identify – and overcome – business challenges that may be slowing down the company or leaving money on the table. Internal audit services provide independent and objective IT, operational, and compliance audit co-sourcing and outsourcing using a systematic and disciplined approach. Whether you want to improve your own processes or a vendor requires agreed-upon procedure reports, Windham Brannon’s efficient, personalized approach is designed to minimize disruptions and effectively manage risk.

Businesses in all industries, but especially public companies, healthcare, restaurants, and organizations that contract with the government, need to ensure that IT and data security are safely and proactively managed. To that end, we offer assessments and reporting for IT compliance requirements across industry segments, including SOX 404 (pre-IPO control design; public company annual audit requirements); HIPAA security (covered-entity and business associates); PCI compliance (merchants); and FISMA standards (government entities).

Corporate fraud will affect thousands of small and middle-market businesses each year, and sometimes the risk is present where you least expect it: from the finance department, where one person handles bank reconciliations, checks, and invoices. Or from an outdated but “if it’s not broken, don’t fix it” software that houses customer data or payroll. It’s vital to be proactive to identify and mitigate risk from within your organization. To address these challenges, Windham Brannon uses a risk-based approach to evaluate people, processes and technologies to build stronger corporate governance, lower risk exposure, help facilitate business decisions, and increase stakeholder confidence.

A common challenge among large and established companies is the need for increased security practices to protect against hackers or other security risks. System and Organization (SOC) reports assure data privacy, financial reporting, and security standards that comply with AICPA and other regulatory bodies. Windham Brannon can conduct SOC readiness assessments and provide independent SOC 1, SOC 2, and SOC 3 examination reports on systems and organizational controls.



When so much data is housed online, it is more important than ever to safeguard sensitive information. More than that, looking at the internal controls, processes, and procedures to identify areas of risk inherent in business operations can also improve the bottom line. We can assist emerging and middle-market companies across industry disciplines with a range of risk assurance consulting services. Furthering our in-house expertise, Windham Brannon staff support our profession by serving as SOC peer reviewers at the national level and contributing to national IT audit publications.



Find the latest industry news and insights from our team of experts.

View All
More information about the latest business insights on COVID-19Business Insights on COVID-19