Internal Audit & GRC

  • Internal audit for private sector
  • Enterprise risk management
  • Regulatory compliance
  • Corporate governance

Governance

The process by which policies are set and decision-making is executed.

Board advisory

  • Oversight 
  • Guidance

Corporate governance

  • Policies 
  • Procedures
  • Standards

Risk Management

This refers to the process for ensuring that important business processes and behaviours remain within the tolerances associated with those policies and decisions, to avoid an unacceptable level of uncertainty. Risks are addressed with a balance of mitigation through the application of controls, transfer through insurance, and avoidance or acceptance through governance mechanisms.

Risk catalogue

  • Risk identification
  • Risk assessments 
  • Risk workshops

Risk management

  • Strategy to mitigate risk
  • Risk monitoring 
  • Risk response

Compliance

This is the process of adhering to policies and decisions. Policies can be derived from internal directives, procedures, and requirements, or from external laws, regulations, standards, and agreements.

  • Regulation compliance
  • Contract compliance
  • Environment
  • PCI-DSS
  • ISO
  • NERC

Internal Audit

  • Link the audit plan and GRC framework
  • Share available resources wherever and whenever possible
  • Cross-leverage each function’s respective competencies, roles, and responsibilities
  • Assess and monitor strategic risks