Risk Advisory

Assess, manage and mitigate risk in all its forms

Financial, technological, regulatory and operational risk is inevitable, but organizational harm from inadequately managing that risk is highly preventable. 

At CFGI, our Risk Advisory experts have extensive experience helping organizations optimize the many facets of risk management. 

How CFGI helps

We can assist with internal audits, interim management and staff augmentation, compliance, internal controls, process assessments and countless more risk management solutions.

Some of the core risk advisory services we provide include:   

SOX compliance and internal audit

We have supported hundreds of SOX implementations and have provided ongoing support for those implementations. We deliver outsourced and co-sourced SOX and Internal Audit services, COSO mapping, and more. Our Big 4 background gives us the perfect context and knowledge to provide you SOX and Internal Audit support that will be relied upon by your external auditors, reducing your audit fees.

Risk management

We provide assistance with enterprise risk management (ERM) to build out an effective Internal Audit charter and ensure the audit universe is comprehensive and responsive to the risk your organization faces. We can also conduct financial, IT, operational and fraud risk assessments to help your organization make strategic operational decisions.

Interim management and staff augmentation

We supply highly skilled interim management services for roles including Chief Audit Executive, Director of Internal Audit, and finance and IT staff augmentation.

Integration support

Together with our IT Risk Advisory team members, we aid in system and application selection and provide implementation support. We also help with the cross-functional aspects of managing risk across systems, including vendor risk assessments, project management, governance, acquisition integration and more.

Governance, risk and compliance

We support GRC implementations and help your organization with vendor due diligence. We also provide guidance and oversight in the development of policies and procedures.

Process improvements

Our risk, operations, finance and IT experts perform enterprise-wide assessments of the people, processes, technology and organization. We supply strategic support for executive management in improving their processes to comply with regulations or reduce risk. We also assist with Robotic Process Automation (RPA) compliance and blockchain strategy and compliance. See our RPA and Finance Transformation services on the many other ways we support process improvement at our clients.

SOC 1 and SOC 2 reports

We assess SOC 1 and SOC 2 report readiness, and we provide an extensive review of reports once drafted.


We provide audit committee and management training as well as education on governance, risk management and internal controls. Our IT Risk Advisory counterparts can also provide training in transformative technology areas for senior management such as blockchain, or in critical areas like cybersecurity or data privacy. 


It takes a special type of Risk Advisory team to adequately identify, assess, manage and mitigate risk across the entirety of an organization’s people, processes and technologies. 

CFGI delivers that team.

Our experts work closely with organizational stakeholders and external auditors to provide synergistic Risk Advisory solutions that minimize risk exposure and maximize the efficiency and performance of mitigation strategies.