Business Risk Services is the Advisory service line that helps clients comply with operating regulations, laws and requirements, including the following.

State and Regulatory Compliance Audit (GRC: Governance Risk and Compliance)

This line offers services so that as an independent firm can evaluate and conceptualize compliance with the regulations applied to entities, especially in relation to standards of the Colombian Financial Superintendence, and the requirements for foreign governments, as in the case Of the Sarbanes Oxley Act (SOX), the SOC audit (formerly SAS 70 and others).


Grant Thornton's methodology for the delivery of ERM services includes five phases:

  • Phase I - Analyze the governance structure for the company's risk management
  • Phase II - Identify the universe of risks and risk events
  • Phase III - Create the risk profile
  • Phase IV - Establish risk responses
  • Phase V - Improve Monitoring and Reporting Processes



Our Advisory Business Risk

Sarbanes-Oxley Service Audit (SOX)

Only those who have clearly structured numbers and a good view of their business, can identify weaknesses and opportunities early enough to react on time to events in their environment.

Audit of Organization

In order to help the service organization and its users to establish a reliable and standard process for the service organization's reports, we offer the following services:

IT Audit

IT Audit Services help the Organization manage risks and controls related to IT implementation and use to achieve business financial, operational, and regulatory objectives.

Computer Security

Cybersecurity frames a set of tools, policies, security safeguards, guidelines, risk management methods, actions, training and in summary a series of practices that can be used to protect the organization's assets and users in cyber-environment.

Performance Tests

Our service focuses on determining the speed at which a task is performed under particular working conditions on a specific information or application system.

Audit Security Social

As part of Social Security policies and strategies in Colombia, pensions and health are fundamental workers' rights, for which specialized support is required to guarantee access to these rights, in a transparent, equitable and the law.

BCP Services

We are certified by DRI International as Business Continuity Plans Consultant, CBCP and with training and certification as internal auditor in SGS, ISO 2005: 27001..

SAP Auditing and Computer Security

We have certified experts in security and auditing SAP in R / 3, CRM, BW. Our approach allows us to perform in SAP


Request a quote