Académique Documents
Professionnel Documents
Culture Documents
2. Stakeholders
IDENTIFY the stakeholders in your organization that should be aware of the COSO
Framework updates. The Board of Directors, management, personnel, and internal and
external auditors are stakeholders that utilize the COSO Framework.
3. Current Framework
EVALUATE whether the current COSO Framework is applied effectively
throughout the organization today. The way businesses operate today has drastically
changed since the original COSO Framework was published in 1992. New business models,
evolving technology, changing regulatory requirements and other challenges require a
system of internal control that can quickly adapt to changes in business, operating and
regulatory environments. How has your business changed and what are the implications on
your internal control program?
5. Well-Planned Transition
DETERMINE the internal budget and expertise needed and available to support
the transition from COSO92 to COSO2013. To schedule a complimentary consultation,
contact Amy Ribick, CFE, CRMA, at 314.983.1347 or aribick@bswllc.com.
Duplicate Payment
Review
It is not uncommon for companies to make duplicate payments to vendors. While companies can try to
reduce this risk through system controls, it is still prevalent and often more difficult to detect.
Vendors are often set up with more than one vendor number, making it easy for the same invoice
to get paid more than once.
Statements and invoices can look remarkably similar, causing the same amount to be entered more
than once.
Disparate accounts payable processing locations often allows a vendor to be paid for the same
invoice from two different locations.
If the system doesnt allow a duplicate invoice number, employees may alter the invoice number
by adding a -1 or an A, allowing it to be entered again.
Automated duplicate payment controls typically look for the same invoice number from a vendor
occurring in the same year. Transactions around the end of the year can be more susceptible to
duplicate payment.
SCOPE OF SERVICES
We help you identify potential duplicate payments. We do this by getting an understanding of the
controls in your systems and processes. We then combine that understanding with our knowledge of the
many ways duplicate payments can occur. Data analysis software, such as ACL, allows us to sift through
the large quantities of data and develop customized tests to run against your data to detect potential
duplicate payments in your system. The time period is up to you, though we have seen the best results
from at least 12 months of data.
We can provide you with the information necessary to contact vendors to reclaim your payments
along with suggestions for how to improve your controls to prevent or detect duplicate payments in
the future. We can also help you develop continuous monitoring procedures to search for potential
duplicate payments on regular basis.
These are just a few examples of the assistance we can provide. Contact one of us to discuss other
possibilities to analyze your data and improve your business. At Brown Smith Wallace, we make
A Measurable DifferenceTM.
Approach to
Process Improvement
At Brown Smith Wallace we view process improvement as a systematic approach to improving the performance
of our clients. Our approach doesnt entail fighting fires or placing blame. It involves identifying and
understanding the causes of performance issues, making recommendations and developing policies and
procedures to help our clients reap the rewards of better performance. Our 15 step approach is outlined below.
Plan
Establish improvement
objective
Select process
Document
Review current policies and
procedures
Evaluate
Review process for
adequacy of controls
Revise
Revise process flow chart for
agreed-to improvements
Finalize
Finalize process
We are happy to meet with you to discuss our approach and help you identify the benefits to your organization.
To learn how our risk advisory services can make A Measurable Difference for your organization,
please contact Ron Steinkamp, CPA, CIA, CFE at 314.983.1238 or rsteinkamp@bswllc.com
Comprehensive Accounting & Tax Consulting | Audit & Risk Management Services | Management Consulting | Financial Advisory Services
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 | WWW.BSWLLC.COM
Business Continuity
You never know when disaster will strike. Business continuity planning minimizes the possibility of
interruptions and develops your ability to continue business operations during an unexpected natural disaster
or malicious activity, and throughout the recovery process.
What Is the Process?
Your business continuity plan assesses the current risk and impact a disaster will have on your business. It
identifies critical business processes and determines requirements necessary to recover. You receive feasible,
cost effective options that are current, viable and complete. Documentation is developed and updated to
ensure you are in a constant ready-state for execution.
A holistic and logical approach is followed to ensure critical business practices have been identified and alternate procedures are documented. This would include, but not limited to, human resources, facilities management, communication systems, Information Technology infrastructure resources, and media relations.
Who Needs Business Continuity Planning?
Any company requiring a high degree of confidence in their ability to continue business operations regardless of internal or external threats or activities.
Why Engage Brown Smith Wallace?
Our service professionals have wide industry experience in reviewing existing plans and providing business
continuity consulting services to a broad spectrum of service organizations including clients in the insurance,
marketing, and manufacturing industries. We ensure all sectors of the business from the enterprise down
to business unit levels are in place necessary to steer the business through both catastrophic disasters and
disruptive fluctuations in the business environment.
Proposed
development project
Planning & research
Design
Feasibility
Bidding
Contract
negotiation
Budgeting
Construction
start
Construction
in progress
Substantial
completion
Close out
Ongoing support
Construction Audit
1. ROI 2. Savings 3. Lower risk
These are the 3 tangible benefits our construction audit experts can bring to project
owners. We can help you achieve them by making sure you properly assess change orders and
other issues generated by the contractors specialists who are dedicated to maximizing the contract.
CONSTRUCTION AUDIT
Our typical/average ROI on a construction audit is 1-2% of the projects costs. We can provide a number
of tangible benefits, including:
Cost recovery of overcharges
Lower capital costs
Reduced project risks
Fewer open issues and disputes
Stronger financial controls and reporting
With the pressures in todays economy, construction and lease audits help reduce costs. Provider
agreements are large and complex, yet these audits are of low risk. The expertise of our Risk Services
practice provides an added value service on construction and lease audits with an ROI up to 15%.
CONSTRUCTION AUDIT
Owners who make a significant investment in capital for design and construction are open to many risks.
A planned, risk-based, targeted compliance program helps mitigate project risks and offer a number of
tangible benefits throughout the programs duration. Such benefits include:
Improved financial controls and reporting
Improved communication and project delivery
process
Increased awareness of vendors through
oversight
Reduced capital costs
Cost recovery due to unallowable charges
Improved contract language
Reduced project risks, open issues and
Sound policies and procedures
disputes
Focus on development and execution plan
LEASE AUDIT
When performing audits of common area maintenance charges (CAM), we focus on identifying and
quantifying invoiced cost exceptions that will result in savings. Our audits are successful because we have
the experience of analyzing the language in agreements and amendments. This experience along with a
consistent ROI are another way we make A Measurable Difference.
Our extensive review of common area maintenance audits includes:
Determination of audit/dispute time of CAM
Re-calculation of original vendor invoices
charges
Re-calculation of utility charges
Verification to source documents
Detailed itemization
Provisions of insurance coverage
Verification of allowed and disallowed charges
Contact Ted Flom, CPA, CISA, CIA at 314.983.1294, tflom@bswllc.com | Tony Munns, CISA, CIRM, CPIM at 314.983.1297,
tmunns@bswllc.com | Chris Menz, CPA at 314.983.1227, cmenz@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
Continuous Controls
Monitoring
Continuous controls monitoring (CCM) has been on the radar for many companies for several years. Recently,
however, more organizations are pushing towards meeting this best practice. Why initiate a CCM system now?
Your organization may have experienced loss or fraud and want to make sure it never happens again. You may be
automating time-intensive processes to increase efficiency. Or, you may have a security concern in a certain area,
such as payroll or accounts payable.
CCM is a systemic way of verifying transactions and reducing operational, compliance and financial risks. A key
goal is to catch control failures quickly, before they cause too much damage. Brown Smith Wallace builds CCM
systems that combine process and technology to identify potential errors, fraud, inefficient operations and audit
targets.
VALUE-ADDED APPROACH
Our CCM systems are custom-developed based on your systems, controls and specific requirements. The cost is
dramatically less than off the shelf systems. and focuses on your core needs. Our systems are designed to monitor
and validate controls to reduce risk, maintain compliance, manage costs and minimize losses.
Risk-based designs
Definable schedules
Customized thresholds
Simple and powerful reporting
Confident security
Accessible partnership
Our team will make A Measurable Difference with our holistic appraoch to continuous monitoring. We
look at your challenges strategically, operationally and financially to provide the best recommendations
in support of your goals. Our CCM ToolkitTM helps you determine the risks your organization needs to
monitor, the best approach to accomplish your goals and a timeline for implementation. Contact Jan Beckmann
to receive a complimentary CCM Toolkit for your organization.
You may be giving money away without realizing it. Our Cost Recovery Plus program helps recover cash
owed to you, retain the cash you have and restructure your processes and controls to prevent future problems.
Our local data analysis experts hold CPA, CIA, CISA and ACL certifications and have years of experience,
providing added value to our clients. This program is reasonably priced to help us partner with you to grow
your business.
RECOVER: Well help recover funds youre owed by identifying potential items for you to investigate.
+ Duplicate payments
+ Inappropriate corporate credit card transactions
+ Missed vendor discounts
+ Invalid employee benefits
+ Unused vendor credits
+ Customer short paid invoices
+ Invalid charges on construction projects
+ Duplicate freight charges
+ Duplicate employee reimbursements
+ Revenue leakage
Plus: We can address organizational or industry specific concerns such as royalties or long-term
contracts.
Plus: Once transactions are identified, we can provide investigative assistance.
RETAIN: Well identify opportunities to help you save money in the future.
+ Revising vendor and customer terms
+ Staffing review to reduce overtime
+ Customer credit review
+ Improved pricing through strategic sourcing
+ Changes in employee benefits and hours
+ Purchase order review procurement cards
Plus: Our information security experts can perform system penetration and vulnerability tests to verify
your data is safe from attack.
Plus: Our certified fraud examiners can perform specialized fraud risk assessments which highlight
specific areas of concern.
RESTRUCTURE: We will help you improve your processes and controls to prevent future problems.
+ Partner with management to identify
+ Provide a formal report of observations and
realistic changes
recommendations
For more information or to schedule your Cost Recovery Plus consultation, contact
Jan Beckmann at 314.983.1254, jbeckmann@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
Unfortunately organizations give away money as a part of their contracted obligations without realizing it.
Brown Smith Wallaces Best Practice Cost Recovery Plus program helps organizations recover cash owed to
you, retain the cash you have and restructure your contract processes and controls to prevent future problems.
Our local data analysis experts hold CPA, CIA, CISA and ACL certifications and have years of experience,
providing added value to our clients. Our contract compliance auditing experts oversee contract auditing for
some the largest organizations in the world such as Wal-Mart Stores, Inc. and Siemens.
RECOVER: Well help recover funds youre owed by identifying potential items for you to investigate.
+ Duplicate payments
+ Inappropriate corporate credit card transactions
+ Missed vendor discounts
+ Invalid employee benefits
+ Unused vendor credits
+ Customer short paid invoices
+ Invalid charges on construction projects
+ Duplicate freight charges
+ Duplicate employee reimbursements
+ Revenue leakage
Plus: We can address organizational or industry specific concerns such as royalties or long-term
contracts.
Plus: Once transactions are identified, we can provide investigative assistance.
RETAIN: Well identify opportunities to help you save money in the future.
+ Revising vendor and customer terms
+ Staffing review to reduce overtime
+ Customer credit review
+ Improved pricing through strategic sourcing
+ Changes in employee benefits and hours
+ Purchase order review procurement cards
Plus: Our information security experts can perform system penetration and vulnerability tests to verify
your data is safe from attack.
Plus: Our certified fraud examiners can perform specialized fraud risk assessments which highlight
specific areas of concern.
RESTRUCTURE: We will help you improve your processes and controls to prevent future problems.
+ Partner with management to identify
+ Provide a formal report of observations and
realistic changes
recommendations
Cost Segregation
Our cost segregation studies identify assets buried in building costs and assign the
shortest possible depreciation life to them, resulting in maximum tax deferrals on the
facility. For instance, if you are constructing a new building or undergoing major remodeling, we
allocate short life property to the correct life depreciation class. If we didnt, these assets would
come under the longer 39-year depreciation schedule that encompasses the building.
COST SEGREGATION STUDY
A thorough investigation is necessary to assign proper asset life classifications, which ultimately
saves you tax dollars. We follow a step-by-step IRS approved process that allows us to efficiently
determine short life property. While each project is different, our cost segregation studies
typically involve:
Reviewing architectural drawings
Conducting on-site facility inspections
Isolating shorter class life depreciation
Preparing detailed asset descriptions
Documenting assets qualifying for 3, 5, 7, 10, 15, 20 or 27.5 year life depreciation
Reviewing findings with management and preparing final reports
Careful segregation of personal and real property costs results in substantial tax savings. Better yet,
these tax savings come when you need them most -- the first few years after occupying a new or
remodeled facility.
By following a proven process, and applying our years of tax and cost segregation experience,
you will receive value and savings well in excess of our fees. Having worked with a wide variety
of clients including hospitals, universities, utilities, retailers, manufacturers, distributors, restaurants
and automobile dealerships, we will work hand-in-hand with you to achieve your goals
effectively and efficiently. Contact us to schedule an opportunity assessment.
CONSTRUCTION AUDIT
Our typical ROI on a construction audit is 1-2% of the projects cost. We can integrate a cost
segregation review with the audit, which typically increases the overall ROI we can provide on a
project to 3% or more. (Please see description of our construction audit services on the other side.)
www.bswllc.com
888.279.2792
Construction Audit
1. ROI 2. Savings 3. Lower risk
These are the 3 tangible benefits our construction audit experts can bring to project
owners. We can help you achieve them by making sure you properly assess change orders and
other issues generated by the contractors specialists who are dedicated to maximizing the contract.
CONSTRUCTION AUDIT
Our typical/average ROI on a construction audit is 1-2% of the projects costs. We can provide a number
of tangible benefits, including:
Cost recovery of overcharges
Lower capital costs
Reduced project risks
Fewer open issues and disputes
Stronger financial controls and reporting
www.bswllc.com
888.279.2792
Cost Segregation
Our cost segregation studies identify assets buried in building costs and assign the
shortest possible depreciation life to them, resulting in maximum tax deferrals on the
facility. For instance, if you are constructing a new building or undergoing major remodeling, we
allocate short life property to the correct life depreciation class. If we didnt, these assets would
come under the longer 39-year depreciation schedule that encompasses the building.
COST SEGREGATION STUDY
A thorough investigation is necessary to assign proper asset life classifications, which ultimately
saves you tax dollars. We follow a step-by-step IRS approved process that allows us to efficiently
determine short life property. While each project is different, our cost segregation studies
typically involve:
Reviewing architectural drawings
Conducting on-site facility inspections
Isolating shorter class life depreciation
Preparing detailed asset descriptions
Documenting assets qualifying for 3, 5, 7, 10, 15, 20 or 27.5 year life depreciation
Reviewing findings with management and preparing final reports
Careful segregation of personal and real property costs results in substantial tax savings. Better yet,
these tax savings come when you need them most -- the first few years after occupying a new or
remodeled facility.
By following a proven process, and applying our years of tax and cost segregation experience,
you will receive value and savings well in excess of our fees. Having worked with a wide variety
of clients including hospitals, universities, utilities, retailers, manufacturers, distributors, restaurants
and automobile dealerships, we will work hand-in-hand with you to achieve your goals
effectively and efficiently. Contact us to schedule an opportunity assessment.
CONSTRUCTION AUDIT
Our typical ROI on a construction audit is 1-2% of the projects cost. We can integrate a cost
segregation review with the audit, which typically increases the overall ROI we can provide on a
project to 3% or more. (Please see description of our construction audit services on the other side.)
Cost Segregation
Our cost segregation studies identify assets buried in building costs and assign the
shortest possible depreciation life to them, resulting in maximum tax deferrals on the
facility. For instance, if you are constructing a new building or undergoing major remodeling, we
allocate short life property to the correct life depreciation class. If we didnt, these assets would
come under the longer 39-year depreciation schedule that encompasses the building.
COST SEGREGATION STUDY
A thorough investigation is necessary to assign proper asset life classifications, which ultimately
saves you tax dollars. We follow a step-by-step IRS approved process that allows us to efficiently
determine short life property. While each project is different, our cost segregation studies
typically involve:
Reviewing architectural drawings
Conducting on-site facility inspections
Isolating shorter class life depreciation
Preparing detailed asset descriptions
Documenting assets qualifying for 3, 5, 7, 10, 15, 20 or 27.5 year life depreciation
Reviewing findings with management and preparing final reports
Careful segregation of personal and real property costs results in substantial tax savings. Better yet,
these tax savings come when you need them most -- the first few years after occupying a new or
remodeled facility.
By following a proven process, and applying our years of tax and cost segregation experience,
you will receive value and savings well in excess of our fees. Having worked with a wide variety
of clients including hospitals, universities, utilities, retailers, manufacturers, distributors, restaurants
and automobile dealerships, we will work hand-in-hand with you to achieve your goals
effectively and efficiently. Contact us to schedule an opportunity assessment.
CONSTRUCTION AUDIT
Our typical ROI on a construction audit is 1-2% of the projects cost. We can integrate a cost
segregation review with the audit, which typically increases the overall ROI we can provide on a
project to 3% or more. (Please see description of our construction audit services on the other side.)
System Conversion
Testing & Data Cleansing
Just imagine...The system conversion on which youve worked so diligently bombs on the go-live. Bad data is
brought over to the new system. Some data never shows up at all. Testing both the data that will populate the
new system and the mapping of the data to the new system can prevent this nightmare.
Data analysis software (e.g., ACL) enables us to test 100% of your data, regardless of the size of the file, so
we can provide you with a heat map that profiles and prioritizes all specific data and mapping issues.
CONVERSION TESTING
We only need three files for us to test the conversion efficiently (1) a dump of the data from the old
system, (2) the map to the new system, and (3) a dump of the resulting data after the test conversion in the
new system. Just 1, 2, 3 and we can quickly verify whether the conversion is working effectively.
DATA CLEANSING
Of course, a new system wont make bad data good. Well test the data to verify your new system is populated
with good data. Following are a sampling of the tests we can perform based on payroll data.
Corruption corrupt packets of data
Invalid data technically invalid dates and numbers
Missing data blanks in key fields such as social security number, name, and address
Duplicates the same employee with two employee numbers
Incorrect calculations verify the gross to net pay calculation
Illogical relationships data in two fields that doesnt make sense together such as birth date after
hire date
Outside bounds anything outside specified boundaries, e.g.,:
Employees younger than 16 or older than 70
Invalid codes in the employee status
Locations that dont exist
Payment to terminated employees
Employees with no tax withholdings or deductions
Dependent Eligibility
Verification Audits
The Brown Smith Wallace Process
Effective communication with employees is essential for a dependent eligibility verification audit. Since the
employee population varies at each company, our approach varies depending on what works best for each
organization. Engagements begin with a kick off meeting with management to discuss the scope, objectives
and approach. At this meeting, we discuss the various options available for conducting the dependent
eligibility verification audit and will agree upon the approach that makes sense for your organization.
Customized Questionnaires
We use technology as much as possible to customize the questionnaire and limit the amount of time
required by the employee to complete the process. Rather than sending out a lengthy questionnaire, we can
customize the request to the employee. For instance, if an employee is shown in the system to have a spouse
and no other dependents, there is no need for them to read through the information required for other
dependents. In these instances, we would only request a marriage certificate, prior years tax return showing
their status as married, and their acceptance of that statement that they are currently married to the person
shown as their spouse.
Web-Based Capabilities
For some companies, a web interface is the easiest and least expensive way for employees to complete their
requirements. Employers sometimes make a computer and scanner available at work for employee use if they
are concerned that these tools may not be available at home.
Email and Postal Service
If a web interface does not make sense for your company, requests for verification and documentation can be
sent to employees via company email or through the US Postal Service. The US Postal Service is more costly
than the other methods, but for certain employee populations, it may be the best method for completing the
audit.
Follow Up
We often employ multiple communication methods when follow up is required. For instance, if there was not
a good response rate through the web interface, we may follow up through email or the USPS.
Employee Communication
A BSW team member is always available during business hours to answer questions via phone. We make
sure that we treat employee questions with respect and assure them that their personal information is being
handled securely.
Dependent Eligibility
Verification
The rising cost of health care and health care reform is making news on a daily basis. You can share costs with
employees by increasing co-payments and premiums, you can help defray future costs by implementing a wellness
program, but how can you decrease your overall insurance costs now? You can realize a substantial savings when
you remove ineligible dependents from your insurance plan.
A dependent eligibility verification audit reduces insurance costs immediately by removing dependents ineligible
for insurance benefits and eliminating their future claims. On average, companies find 3% to 8% of their plans
dependents are not eligible, which can add up to substantial savings. Frequently, relatives such as ex-spouses,
grandchildren, nieces, or nephews are included as dependents, but are not eligible based upon the plan design.
Essential Communication
Communication is essential for the success of any project. You will find an engagement team member available by
phone for any questions plan participants may have throughout the audit. Calls are logged and made available to you.
We will also provide weekly status updates to you on the audits progress and results. To help you determine the success of the audit, we can identify and quantify claims paid for ineligible dependents. This is just one more
Disaster Preparedness
Business Continuity Planning
Checklist and Scorecard (continued)
Disaster Recovery
Disasters affecting business operations, such as tornadoes, earthquakes, floods, fires or malicious acts, are
unpredictable and can be devastating. They happen at any time with varying degrees of magnitude.
A disaster recovery plan documents procedures necessary to restore business resources prior to the disaster.
It provides you the opportunity to take positive action before the disaster occurs.
Companies of all sizes who need complete assurance they are sufficiently prepared to fully restore essential
IT infrastructures critical to supporting their business processes.
SCOPE OF SERVICES
The Disaster Recovery Team at Brown Smith Wallace meets with your appropriate business unit
leaders to review, evaluate and assist them in developing, constructing and testing a customized Information
Technology (IT) Disaster Recovery Plan. Whether reviewing an existing plan or establishing a new one, a
grass-root logical approach is applied. The recovery plan takes a holistic approach to business operations
while identifying the restoration objectives.
We identify critical business systems and applications, then develop and document associated recovery
procedures. Resources and action plans reside in a documented procedure with critical timelines established.
The areas we asses include, but are not limited to, human resources, facilities management, communication
systems, information technology, infrastructure resources and media relations.
Brown Smith Wallace has developed and performed hundreds of disaster recovery plans and reviews of
service organizations. We serve clients in a variety of industries, some of which include insurance,
manufacturing and marketing. Our service professionals restore confidence by assuring an effective disaster
recovery plan is in effect and disaster preparation is under control.
Disaster Recovery
Business Continuity Planning
Top 10 Checklist
Question
Rating
Energy Assessment
Services
Organizations of all sizes are challenged with balancing energy costs with productivity, budget limitations
and their strategies for environmental stewardship. Brown Smith Wallace provides energy assessment services
to help organizations save money, make smart energy choices and go green.
Energy Incentives
Your organization could benefit from many of the state, federal and utility incentives that are available.
Our energy services team can determine if your organization qualifies, and can help you develop the
appropriate incentive application documents.
Our licensed professional engineers (PE) can certify the detailed building inspections and energy
studies needed to qualify for federal tax deductions for energy efficiency improvements.
Energy Usage Analysis
Our energy experts can analyze your costs, usage patterns, waste, etc., to determine what cost savings you
may be missing.
Utility bill analysis Review historical utility bills to determine if costs, usage levels or usage patterns
indicate equipment problems, operational problems or unfavorable rate selections.
Building energy assessments Our experts can identify sources of energy waste and recommend
corrective actions by performing certified building inspections. These inspections can focus on your
specific needs ranging from a simple lighting survey to a detailed engineering system analysis.
Cost Comparisons
Provider selection Customers with retail electric or gas competition (e.g., Illinois commercial and
industrial facilities) have a choice of utility providers. Our energy experts can review competitive fee
structures and evaluate them based on your organizations usage patterns to determine which provider
can deliver the most economical services.
Project justification Our experts can provide an independent cost/benefit analysis of vendor
offers for the installation or retrofit of lighting, HVAC, windows or insulation. We can also provide
the documentation that supports your decisions.
Project analysis We provide detailed economic analyses of renewable energy and co-generation
projects to determine cost feasibility. We also identify all monetary incentives.
Our measurable difference is our energy industry expertise. Our team has over 25 years experience
performing energy project development, feasibility studies, cost estimating, project justification, project
auditing, project performance tracking and reporting. We unveil the carbon intensity of your operations and
identify opportunities to reduce your carbon footprint. For additional information, contact our energy
services leader, Nick Lombardi (see below).
To learn how our risk advisory services can make A Measurable Difference for your organization,
please contact Ron Steinkamp, CPA, CIA, CFE at 314.983.1238 or rsteinkamp@bswllc.com.
Comprehensive Accounting & Tax Consulting | Audit & Risk Management Services | Management Consulting | Financial Advisory Services
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 1.888.279.2792 | WWW.BSWLLC.COM
To learn how our risk advisory services can make A Measurable Difference for your organization,
please contact Ron Steinkamp, CPA, CIA, CFE at 314.983.1238 or rsteinkamp@bswllc.com.
Comprehensive Accounting & Tax Consulting | Audit & Risk Management Services | Management Consulting | Financial Advisory Services
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 1.888.279.2792 | WWW.BSWLLC.COM
To learn how our risk advisory services can make A Measurable Difference for yoru organization,
please contact Ron Steinkamp, CPA, CIA, CFE at 314.983.1328 or rsteinkamp@bswllc.com
Comprehensive Accounting & Tax Consulting | Audit & Risk Management Services | Management Consulting | Financial Advisory Services
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 1.888.279.2792 | WWW.BSWLLC.COM
To learn how our risk advisory services can make A Measurable Difference for yoru organization,
please contact Ron Steinkamp, CPA, CIA, CFE at 314.983.1328 or rsteinkamp@bswllc.com
Comprehensive Accounting & Tax Consulting | Audit & Risk Management Services | Management Consulting | Financial Advisory Services
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 1.888.279.2792 | WWW.BSWLLC.COM
Financial Institutions
IT Systems Review
The Federal Financial Institutions Examination Council (FFIEC) requires that financial institutions conduct
an independent review of their inforation technology systems each year. This review was designed to safeguard financial institutions customers and is enforced by regulators through the safety and soundness portion of their annual examinations. Brown Smith Wallace information technology systems review ensures
that your information technology system meets the regulatory requirements before the examiner walks
through the door. Using the FFIECs handbook and maximizing our professionals own experience with the
Federal Reserve, we take a comprehensive look at your key technology systems:
Audit
Management assessment
Develop and acquisition
Support and delivery
PC Security
Networking
LAN/WAN operations
E-banking
ATMs and wire transfer options
Ongoing consultation is provided to your staff in these ares throughout the engagement, culminating in a
final discussion with management. A comprehensive report is sent to the institutions board of directors or
audit committee following the engagement.
Meet the requirements of the regulators before they arrive
Cost-effective assurance on controls and security
Detailed report allows you to fully understand all areas reviewed
Mirros the review done by the regulators
Offers experienced consultants familiar with the guidelines
Provides a full, detailed report to management
Uses an efficient, planned approach
Disaster Preparedness
Business Continuity Planning
Checklist and Scorecard
Scoring -Y/N
Question
BUSINESS CONTINUITY PLANNING
1. Do you have a documented Disaster Preparedness Plan that includes Business Continuity Planning?
2. Has a business impact analysis been performed or documented identifying the financial impact that
would result if a business function was not operational for a day, a week or a month? What about
operational losses including: image or reputation, stakeholder confidence, regulatory or legal issues,
loss of competitive edge?
3. Does your plan identify critical business functions or processes that need to be protected or
recovered timely and are necessary to sustain business operations?
4. Are the business function or process flows documented so that they may be recreated including any
specialized materials (e.g. printed forms, etc.)?
5. Does your plan take into consideration work force (human resource) disruptions (e.g. pandemic)?
6. Do you have a documented evacuation plan in place for all your facilities?
7. Does you plan take into consideration work place disruptions due to natural disruptions
(e.g. tornado or earthquake) or incidents such as fire or utility outages?
8. Does the plan include services provided to the business by external service organizations?
9. Can critical business functions or processes be performed manually?
10. Has your plan undergone a test within the last 12 months?
CRISIS MANAGEMENT AND COMMUNICATION PLAN
1. Do you have a documented plan that defines who has decision making authority when a significant
business disruption occurs?
2. Is there a succession plan in place to transfer decision making power if an appointed team member is
unavailable due to unforseen circumstances?
3. Does the plan address performing an assessment?
4. Does the plan contain graduated guidelines to determine the extent of the business disruption when
performing the assessment and when to invoke business continuity or disaster recovery plans?
5. Does the plan address the type of media (e.g. call tree, e-mail, automated system) that will be used
to communicate with your employees?
Disaster Preparedness
Business Continuity Planning
Checklist and Scorecard (continued)
Disaster Recovery
Business Continuity Planning
Top 10 Checklist
Question
Rating
HIPAA - HITECH
Questionnaire
Key Questions to Determine if You are a Business Associate or
Covered Entity as Defined by HIPAA - HITECH Legislation
Recent additions to HIPAA regulations as a result of the HITECH legislation passed this year require that
Business Associates be compliant with the rules previously reserved for covered entities. The questions
below will help you determine if your company is a covered entity or business associate and therefore
needs to be HIPAA compliant.
Pre-SAS 70 Questionnaire
Key Questions to Answer Before Undergoing a SAS 70
There are many good reasons for a service organization to have a SAS 70 audit or review conducted.
Compliance, of course, is a major driver, but organizations that undertake a quality SAS 70 process can
use the report as a selling point to potential customers that they can trust your organization with their
information. You can also obtain valuable information that will enable you to improve your processes.
Before starting, however, it will make the process much more efficient and effective if you can answer these
key questions:
Have you considered the impact of the new SSAE 16 on the engagement?
SSAE 16 replaces the SAS 70 standards for reports issued after June 30, 2011.
Which category of audit will you need: SOC 1, SOC 2 or SOC 3?
Will this be a Type 1 or Type 2 audit?
Would you like to add other relevant compliance areas, such as Disaster Recovery, HIPAA,
GLBA, or PCI compliance, etc., to the scope of the SSAE16 engagement? There may be
advantages.
Cultural Institutions
Defense
Education
Electronics
Energy & Utilities
Environmental Services
Financial Services
Food
Foundations
Government
Health Care
Industrial Manufacturing
Insurance Leisure
Media
Membership Organizations
Metals & Mining
Pharmaceuticals
Real Estate
Retail
Security Products & Services
Telecommunications
Transportation
Certifications
Our team of experienced professionals has a diverse range of experience backed by some of the most wellknown credentials in the fraud and forensic, accounting, and consulting industries:
Certified Public Accountant (CPA)
Certified Fraud Examiner (CFE)
Certified in Financial Forensics (CFF)
Certified Forensic Accountant, Diplomate Status
(DABFA)
Certified Ethical Hacker (CEH)
ACL Certified Data Analyst (ACDA)
Certification in Risk Management Assurance
(CRMA)
Contact Don Mitchell, CPA, CFE at 314.983.1248, dmitchell@bswllc.com | Donna Beck Smith, CPA/ABV/CFF, CVA, ASA, Cr.FA.
at 314.983.1259, dsmith@bswllc.com | Ron Schmittling, CPA, CITP, CISA, CIA at 314.983.1398, rschmittling@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | HIGHLAND, IL
314.983.1200 | 636.255.3000 | 888.279.2792
INFO@BSWLLC.COM | WWW.BSWLLC.COM
COMPUTER FORENSICS
The extent of our digital society is requiring you to have the ability to investigate suspicious activity found
on computers. IT risks range from financial fraud to hackers gaining access to your data.
IT forensics is the process of recovering and analyzing deleted, cached and hidden data from IT equipment. Our professional IT forensics team has the ability to analyze a wide range of devices from laptops to
mainframes. Our services include:
Forensic Incident Response
Forensic Litigation Support
Incident Report Process Improvement
When you engage Brown Smith Wallace to investigate suspicious computer activity, our computer
forensics investigation follows a very specific eight step process:
FRAUD & FORENSIC EIGHT STEP PROCESS
1) Determine what your management knows and what they have uncovered
2) Quarantine the equipment
3) Engage an attorney and put the suspect(s) on leave of absence
4) Determine the nature of the fraud
5) Determine how much historical investigation is required
6) Investigate receipts, payroll, inventory, vendors and anything suspicious
7) Prepare a report to be presented to your management team
8) Implement the recommendations
Contact Don Mitchell, CPA, CFE at 314.983.1248, dmitchell@bswllc.com | Donna Beck Smith, CPA/ABV/CFF, CVA, ASA, Cr.FA.
at 314.983.1259, dsmith@bswllc.com | Ron Schmittling, CPA, CITP, CISA, CIA at 314.983.1398, rschmittling@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | HIGHLAND, IL
314.983.1200 | 636.255.3000 | 888.279.2792
INFO@BSWLLC.COM | WWW.BSWLLC.COM
Contact Don Mitchell, CPA, CFE at 314.983.1248, dmitchell@bswllc.com | Donna Beck Smith, CPA/ABV/CFF, CVA, ASA, Cr.FA.
at 314.983.1259, dsmith@bswllc.com | Ron Schmittling, CPA, CITP, CISA, CIA at 314.983.1398, rschmittling@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
Quantification of Damages
Expert Testimony
Our team provides assistance to the vitim company by performing an analysis of the activities and
quantification of the fraudsters illicit acts. The findings
of our team are then documented in a report specialized
to meet your insurance and companys specifications.
Ethics Hotline/Training
Providing
individuals
a
means
to
report
suspicious activity and conducting targeted fraud
awareness training for employees and managers.
Fraud Services
The pervasiveness and cost of corporate fraud, employee misappropriation of assets and financial statement
abuse is a huge problem in American business today. Because of the nature of corporate fraud, companies
need an expert specifically trained with experience in investigation, detection, quantification and
prevention techniques to thwart fraud.
Our team of experienced and credentialed forensic accountants have a proven track record and can help
you prevent and investigate fraudulent activity.
DETECTION AND PREVENTION
Fraud prevention processes, policies and controls are designed to stop fraud before it occurs. Our fraud
team can design a fraud detection and prevention plan that will help you:
Segregate duties
Perform an independent audit
Create a process of checks & balances
Perform an overall weakness assessment
Develop a procedure manual
Develop a conflict of interest policy
Here are some of the services and tools you have access to with the Brown Smith Wallace fraud team.
Fraud Risk Assessments
Fraud Diagnostic Tools
Fraud Investigations
- Anti-Corruption Fraud Prevention Toolkit
Fraud Prevention Review
- Fraud Detection & Prevention Toolkit
Continuous Monitoring Programs
- Fraud Prevention Checkup
DATA ANALYSIS
If suspicious activity is occurring in your business, call on the Brown Smith Wallace data analysis team.
We utilize powerful data analysis tools such as ACL, Microsoft Access and optical character recognition
software, etc., to help gather data and perform detailed analysis. Our data analysis professionals will
enable you to see who is accessing files, how the information is being manipulated, what information is
being recorded, etc.
As an example: Our team was able to detect a fraud in which engineering managers were booking costs to
closed projects while receiving bonuses for bringing current projects in under budget. Analyzing the data
provided the proof that the suspicions were correct and the disclosure put a stop to the activity.
Contact Donna Beck Smith, CPA/ABV/CFF, CVA, ASA, Cr.FA. at 314.983.1259, dsmith@bswllc.com or
Ryan Hauber, MBA, CFE at 314.983.1317, rhauber@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
Governmental
Risk-Based Advisory Services
Governments face many of the same risks as for-profit organizations, including fraud, inefficient use of
resources and inaccurate financial statements. It is important for management of these entities to have
a good understanding of the organizations risks in order to be able to effectively prioritize and manage
them. Brown Smith Wallaces Government Industry practice provides assurance and advisory services to
help government entities cost effectively address these risks. Our team has helped organizations of all
sizes manage risk and improve processes and internal controls.
SCOPE OF GOVERNMENTAL SERVICES
Our government-focused, risk-based assurance and advisory services team consists of a strong internal and
IT audit core that is supported by value-oriented capabilities in areas such as applications, process
improvement, construction audit, data analysis (ACL), disaster recovery and business continuity planning,
fraud prevention and detection, and information security and privacy. We use a flexible approach that is
scalable and supports federal, state and local governments. Below is a sampling of services we provide to
government organizations:
Internal Audit/
IT Audit
Fraud and Forensics
Process Improvement
Internal audit- co-sourcing
IT infrastructure assessments
Fraud prevention and
and outsourcing
detection programs
IT security- penetration and
Audit plan development and
vulnerability assessments
Fraud risk assessments
execution
Payment card industry data
Fraud checkup
Construction audit
security standard (PCI)
IT forensics
Data analysis
HIPAA assessment
Fraud investigations
Quality assurance reviews
Implementation risk
(QAR)
management
Internal control assessments
Application security and
controls
Continuous auditing
Business
continuity and
Process improvement and
disaster
recovery
design
Our Government Industry team is lead by Ron Steinkamp, CPA, CIA, CFE. With over 18 years of
experience, Ron has worked extensively with federal, state and local government agencies to develop,
enhance and direct internal audit functions, implement process improvement initiatives, conduct
compliance reviews, and lead and perform operational audits, construction audits, and fraud investigations.
Ron is supported by additional subject matter experts, making Brown Smith Wallace the largest and most
experienced firm to serve the risk management needs of governments throughout the Midwest.
To see how Brown Smith Wallace makes A Measurable Difference, please contact us to schedule an
initial risk assessment. In less than 30 minutes, we can identify your areas of greatest risk and begin
developing solutions.
Contact Ron Steinkamp, CPA, CIA, CFE, at 314.983.1238, rsteinkamp@bswllc.com | Ted Flom, CPA, CISA, CIA, at 314.983.1294,
tflom@bswllc.com | Tony Munns, CISA, FBCS, CIRM, CITP, at 314.983.1297, tmunns@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | HIGHLAND, IL
314.983.1200 | 636.255.3000 | 888.279.2792
INFO@BSWLLC.COM | WWW.BSWLLC.COM
Bill
Willbrand
Ted
Flom
Tony
Munns
Frank
Megargel
Cathy
Goldsticker
Larry
Pevnick
Rob
Haggerty
Jan
Beckmann
Financial Compliance
Tax Consulting
Value Network
Network Analysis
ACO Analysis
Member Vetting
HIPAA and IT
Security
Privacy
Disaster Recovery
PCI Compliance
Infrastructure Assessment
Financial Advisory
Valuation
Litigation Support
Expert Testimony
Business Advisory
Interim Management
Strategic Planning
Governance
Revenue Cycle
Operational Improvement
Insurance Reviews
Enterprise Risk
Internal Audit
Cost Segregation/Energy
Controls Review
Construction Audit
Bill
Willbrand
Ted
Flom
Cathy
Goldsticker
Frank
Megargel
Tony
Munns
Larry
Pevnick
Rob
Haggerty
Jan
Beckmann
Financial Compliance
Tax Consulting
Cost Segregation/Energy
Value Network
Network Analysis
ACO Analysis
Member Vetting
HIPAA and IT
Security Analysis
Privacy Review
Disaster Recovery
PCI Compliance
Infrastructure Assessment
Financial Advisory
Valuation
Litigation Support
Expert Testimony
Business Advisory
Interim Management
Strategic Planning
Operational Improvement
Insurance Reviews
Enterprise Risk
Internal Audit
Controls Review
Governance
Construction Audit
Fraud Prevention
Fraud Investigation
Bill
Willbrand
Ted
Flom
Cathy
Goldsticker
Frank
Megargel
Tony
Munns
Larry
Pevnick
Rob
Haggerty
Jan
Beckmann
Financial Compliance
Tax Consulting
Cost Segregation/Energy
Value Network
Network Analysis
ACO Analysis
Member Vetting
HIPAA and IT
Security Analysis
Privacy Review
Disaster Recovery
PCI Compliance
Infrastructure Assessment
Financial Advisory
Valuation
Litigation Support
Expert Testimony
Business Advisory
Interim Management
Strategic Planning
Operational Improvement
Insurance Reviews
Enterprise Risk
Internal Audit
Controls Review
Governance
Construction Audit
Fraud Prevention
Fraud Investigation
Bill
Willbrand
Ted
Flom
Tony
Munns
Frank
Megargel
Cathy
Goldsticker
Larry
Pevnick
Rob
Haggerty
Jan
Beckmann
Financial Compliance
Tax Consulting
Value Network
Network Analysis
ACO Analysis
Member Identification
Member Vetting
HIPAA and IT
Security
Privacy
Disaster Recovery
PCI Compliance
Infrastructure Assessment
Financial Advisory
Valuation
Litigation Support
Expert Testimony
Business Advisory
Interim Management
Strategic Planning
Governance
Revenue Cycle
Operational Improvement
Insurance Reviews
Enterprise Risk
Internal Audit
Cost Segregation/Energy
Controls Review
Construction Audit
rpresent@bswllc.com 314.983.1358
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
JAY KIRSCHBAUM, SENIOR VICE PRESIDENT & NATIONAL PRACTICE LEADER, WILLIS GROUP
Brown Smith Wallace has provided a complete suite of HIPAA security and privacy services to many of
our clients on a national basis. Over the years we have developed a relationship with Brown Smith Wallace
as a trusted HIPAA resource service provider and expert. If our clients request or require HIPAA support,
we refer them to Brown Smith Wallace as an option for service. We have always had positive feedback
from those referrals and look forward to having Brown Smith Wallace continue to be our HIPAA resource
partner.
Value NetworksSM
HIPAA & IT
Financial Advisory
Enterprise Risk
Business Advisory
Our team is led by Ron Present, CALA, CNHA, LNHA. Ron has more than 25 years of health care consulting and
operations experience. His expertise with hospitals, nursing homes, physicians practices and health care reform
enhances the expansion of our health care industry services. For more information on how we can make
A Measurable Difference for your organization, please contact us for more information.
Health Insurance
& TPA Services
When employee health benefits are well designed and well controlled, organizations can realize significant
cost savings. However, this is also an area where costs can escalate quickly and the cause can be difficult
to identify. At Brown Smith Wallace, we combine our expertise in insurance, data analysis, information
technology, consulting, and audit to provide a full-line of services related to health insurance and third
party administrator (TPA) performance evaluations. We can help you identify the problems and when
applicable, help you negotiate reimbursements. Our experts will help you devise a plan to achieve future
cost savings.
Medical Claim Audits
Verify your claims are processed as designated by your Plan by detailed claim re-adjudication performed
by claim experts with RN/BSN credentials and expertise. These audits identify invalid, duplicate, and
improperly processed claims and negotiate refunds where appropriate.
Prescription Drug Claim Audits
Identify inaccurate prescription drug costs and methods to reduce costs by 100% testing of pricing,
co-pays, discounts, rebates and fees using the data files provided by the TPA. We will negotiate refunds
where it is applicable.
Dependent Eligibility Verification Audits
Ensure you are paying only for eligible participants by 100% document-based verification of dependent
eligibility. Typically, 3% - 8% of dependents are ineligible some organizations have seen much higher
numbers.
Medicare Coordination of Benefits Reviews
Keep your retiree health benefits intact, but reduce your costs. Based on your current plan design, we will
put all the moving parts into one easy to read analysis. Considerations include: claim experience, moving
Medicare eligible participants to Medicare as the primary insurer, the cost of purchasing Medicare
supplements, and increasing premiums.
(Please see continued description of our health insurance and TPA services on the other side.)
Contact Jan Beckmann, CPA, at 314.983.1254, jbeckmann@bswllc.com | Larry Pevnick, CPA at 314.983.1247,lpevnick@bswllc.com
Bill Goddard, CPCU at 314.983.1253, bgoddard@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | HIGHLAND, IL
314.983.1200 | 636.255.3000 | 888.279.2792
INFO@BSWLLC.COM | WWW.BSWLLC.COM
Health Insurance
& TPA Services
Process, Procedure and Internal Control Evaluations
Identify process and control improvements for both you and your TPA. We assess and document
operations to identify potential reallocation of duties, continuous monitoring needs, duplication of effort,
and methods to streamline the processes.
SAS 70 Reviews
Assure your customers if you are the service provider. We assess a TPAs processes and internal controls to
produce a through and value-added SAS70 report for use by the TPAs customers.
Stop-Loss Evaluation of Limits and Experience
Reduce over and under insurance risk. We will analyze your claim experience, financial situation, and risk
tolerance to provide solid data behind our recommendation on stop-loss insurance deductibles and
whether it is necessary for your company.
HIPAA Gap Assessment and Remediation Planning
Verify compliance with HIPAA regulations or identify reasonable methods to bring your company into
compliance. We review your systems, processes, and procedures to identify gaps in HIPAA compliance
and develop recommendations for remediation.
Contact us to find out how our experts can make A Measurable DifferenceTM in your organization.
Contact Jan Beckmann, CPA, at 314.983.1254, jbeckmann@bswllc.com | Larry Pevnick, CPA at 314.983.1247,lpevnick@bswllc.com
Bill Goddard, CPCU at 314.983.1253, bgoddard@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
JAY KIRSCHBAUM, SENIOR VICE PRESIDENT & NATIONAL PRACITCE LEADER, WILLIS GROUP
Brown Smith Wallace has provided a complete suite of HIPAA security and privacy services to many of
our clients on a national basis. Over the years we have developed a relationship with Brown Smith Wallace
as a trusted HIPAA resource service provider and expert. If our clients request or require HIPAA support,
we refer them to Brown Smith Wallace as an option for service. We have always had positive feedback
from those referrals and look forward to having Brown Smith Wallace continue to be our HIPAA resource
partner.
The Health Insurance Portability and Accountability Act (HIPAA) legislation imposes strict requirements
related to the protection of personal health information handled by any organization. Medical practices,
hospitals, long-term care facilities, pharmacies, as well as employers who sponsor health insurance plans are
subject to HIPAAs requirements.
Our gap identification process reviews key elements related to security portion of HIPAA.
Process and
documentation, policy
and procedures, other
security administration
requirements
Establishment
of enforcable
programs and
systems
Proper access
procedures, locks and
other physical barriers
After our review of your existing security procedures and systems, we can provide you with customized
policies and procedures, including:
HIPAA Security Risk Analysis, tailored for your organization
Health Information Technology for Economic and Clinical Health Act (HITECH) and the Red Flag
Rules compliance
Required overall security processes (administrative, technical, and physical)
Information security policies
Disaster recovery procedures
Customized security technology
At Brown Smith Wallace, we make A Measurable Difference. Your complete HIPAA security risk
analysis, policies, and procedures will be based on answers to the gap analysis and are fully customized to
your organization. This custom approach, combined with our highly experienced HIPAA team members,
ensures the right compliance solution for you and your organization.
Contact Ted Flom, CPA, CISA, CIA at 314.983.1294, tflom@bswllc.com | Tony Munns, FBCS, CITP, CIRM, CISA at 314.983.1297,
tmunns@bswllc.com | Chris Menz, CPA at 314.983.1227, cmenz@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
IT Advisory Services
For those companies that need a strategic IT thinker as an advisor to their management team to ensure
their strategy is right, their problems are resolved, and their solutions systems are cost effective, IT
Advisory is the smart way to add that resource to your team. Our IT advisory services team has the
expertise and knowledge to help your company link your technology to business goals while making your
strategic investments count.
For those companies that do not have the time or the funds to add a full-time IT Strategic thinker to their
executive team, or need help doing so, Brown Smith Wallace provides you with a mentor to management
to help ensure that you are making the right decisions and getting the best value. We provide strategic and
objective input and direction, evaluations of technology, cost and business fit so that you obtain a good
ROI on your IT investment. Our IT advisory services team provides professional, independent advice on
critical IT areas that affect business performance, such as:
Strategic Planning
We work with you to develop a proactive IT strategy that integrates with your specific business
goals.
Applications Planning
We help you develop an applications approach that supports your business strategy focusing on
those areas that give you competitive advantage.
Infrastructure Management
We help you redesign the infrastructure of your systems to improve security, functionality and
reliability and where possible, reduce cost.
Systems Integration
By focusing on effective processes we can help remove redundant processes and improve
efficiency, timeliness, accuracy and integrity of processes.
Asset Management
From shared services to hardware, services and software licensing, we can drive cost reduction
while driving service improvement.
Data Management
Whether for compliance needs or for effective decision making, data management is critical. We
assist you in capitalizing on the data you already have.
Security
We can help you identify and address potential security exposures, such as loss of customer data,
loss of revenue and reputation damage, before they become problems.
Our IT advisory services team possesses a depth and breadth of expertise unmatched by any other firm in the
St. Louis area. Team members are senior-level professional staff with backgrounds in business consulting, IT
and accounting. Our team includes CPAs, CISAs, CIAs, CITPs, CPIMs, CIRMs and CFEs.
IT Forensics
COMPUTER FORENSICS
The extent of our digital society is requiring you to have the ability to investigate suspicious activity found
on computers. IT risks range from financial fraud to hackers gaining access to your data.
IT forensics is the process of recovering and analyzing deleted, cached and hidden data from IT equipment. Our professional IT forensics team has the ability to analyze a wide range of devices from laptops to
mainframes. Our services include:
Forensic Incident Response
Forensic Litigation Support
Incident Report Process Improvement
When you engage Brown Smith Wallace to investigate suspicious computer activity, our computer
forensics investigation follows a very specific eight step process:
FRAUD & FORENSIC EIGHT STEP PROCESS
1) Determine what your management knows and what they have uncovered
2) Quarantine the equipment
3) Engage an attorney and put the suspect(s) on leave of absence
4) Determine the nature of the fraud
5) Determine how much historical investigation is required
6) Investigate receipts, payroll, inventory, vendors and anything suspicious
7) Prepare a report to be presented to your management team
8) Implement the recommendations
PCI Compliance
The Payment Card Industry (PCI) Security Standards Council requires any company accepting,
processing or storing credit card information to comply with PCI security standards. PCI data security
standards protect customers from identity theft and security breaches.
PCI STANDARDS
Building and maintaining a secure network to protect cardholder data
Maintaining a vulnerability management program
Implementing strong access control measures
Regularly monitoring and testing networks
Maintaining an information security policy
A PCI Approved Scanning Vendor (ASV), like Brown Smith Wallace, must execute network vulnerability
scans to ensure that companies comply with PCI data security standards. Scans are performed over all
externally facing IP addresses that touch the credit card acceptance, transmission and storage process.
Failure to comply with the PCI security standards requirements may result in heavy fines, restrictions or
permanent expulsion from card acceptance programs.
The service team at Brown Smith Wallace provides the following services to ensure that our clients are
compliant with the standards set by the PCI Security Standards Council:
PCI compliance gap assessments
PCI merchant compliance scans and reviews
PCI card processor compliance reviews
PCI data hosting provider compliance reviews
The experienced staff at Brown Smith Wallace is uniquely qualified to perform PCI compliance reviews for
a broad spectrum of organizations in any industry.
PCI Compliance
The Payment Card Industry (PCI) Security Standards Council requires any company accepting,
processing or storing credit card information to comply with PCI security standards. PCI data security
standards protect customers from identity theft and security breaches.
PCI STANDARDS
Building and maintaining a secure network to protect cardholder data
Maintaining a vulnerability management program
Implementing strong access control measures
Regularly monitoring and testing networks
Maintaining an information security policy
A PCI Approved Scanning Vendor (ASV), like Brown Smith Wallace, must execute network vulnerability
scans to ensure that companies comply with PCI data security standards. Scans are performed over all
externally facing IP addresses that touch the credit card acceptance, transmission and storage process.
Failure to comply with the PCI security standards requirements may result in heavy fines, restrictions or
permanent expulsion from card acceptance programs.
The service team at Brown Smith Wallace provides the following services to ensure that our clients are
compliant with the standards set by the PCI Security Standards Council:
PCI compliance gap assessments
PCI merchant compliance scans and reviews
PCI card processor compliance reviews
PCI data hosting provider compliance reviews
The experienced staff at Brown Smith Wallace is uniquely qualified to perform PCI compliance reviews for
a broad spectrum of organizations in any industry.
We make a Measurable DifferenceTM. We bring big firm expertise and a small firms high touch service
approach at reasonable fees. We use a flexible approach and have scalable resources to support both
private and public companies ranging in size from startup to billion dollar multinational operations.
Please turn this page over for brief profiles of our retail services team leaders.
We make a Measurable DifferenceTM. We bring big firm expertise and a small firms high touch service
approach at reasonable fees. We use a flexible approach and have scalable resources to support both
private and public companies ranging in size from startup to billion dollar multinational operations.
Please turn this page over for brief profiles of our retail services team leaders.
www.bswllc.com
888.279.2792
Insurance
Pam Huelsman
20+ years retailing industry
Multi-state tax planning
Experience with 50 states
Nexus issues
Sales & use tax
www.bswllc.com
888.279.2792
Contact Ted Flom, CPA, CISA, CIA, at 314.983.1294, tflom@bswllc.com | Tony Munns, CISA, FBCS, CIRM, CITP, at 314.983.1297,
tmunns@bswllc.com | Chris Menz, CPA, at 314.983.1227, cmenz@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | HIGHLAND, IL
314.983.1200 | 636.255.3000 | 888.279.2792
INFO@BSWLLC.COM | WWW.BSWLLC.COM
Contact Ted Flom, CPA, CISA, CIA, at 314.983.1294, tflom@bswllc.com | Tony Munns, CISA, FBCS, CIRM, CITP, at 314.983.1297,
tmunns@bswllc.com | Chris Menz, CPA, at 314.983.1227, cmenz@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 1.888.279.2792 |WWW.BSWLLC.COM
Technology Risk
Business application
security and
controls
Disaster recovery
and business
continuation
IT audit
IT forensics
Infrastructure risk
Payment card
industry
compliance
Penetration studies
Security and
privacy
Vulnerability
assessment
Website security
Wireless security
review
Sarbanes-Oxley
Assistance
Audit planning and
risk assessment
Documentation
Planning and
organization
Program
development
Project
management
Remediation
Segregation of
duties analysis and
consulting
Testing
Risk Management is not an area of your business to be taken lightly. You need experienced and qualified
consultants working with you to understand and put in place a program that is appropriate to your
environment. Our group is led by highly experienced risk management professionals, providing you with
A Measurable Difference by ensuring you get the leadership and perspective you need.
Contact Ted Flom, CPA, CISA, CIA, at 314.983.1294, tflom@bswllc.com | Tony Munns, CISA, FBCS, CIRM, CITP, at 314.983.1297,
tmunns@bswllc.com | Chris Menz, CPA, at 314.983.1227, cmenz@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
Technology Risk
Business application
security and
controls
Disaster recovery
and business
continuation
IT audit
IT forensics
Infrastructure risk
Payment card
industry
compliance
Penetration studies
Security and
privacy
Vulnerability
assessment
Website security
Wireless security
review
Sarbanes-Oxley
Assistance
Audit planning and
risk assessment
Documentation
Planning and
organization
Program
development
Project
management
Remediation
Segregation of
duties analysis and
consulting
Testing
Risk Management is not an area of your business to be taken lightly. You need experienced and qualified
consultants working with you to understand and put in place a program that is appropriate to your
environment. Our group is led by highly experienced risk management professionals, providing you with
A Measurable Difference by ensuring you get the leadership and perspective you need.
Contact Ted Flom, CPA, CISA, CIA, at 314.983.1294, tflom@bswllc.com | Tony Munns, CISA, FBCS, CIRM, CITP, at 314.983.1297,
tmunns@bswllc.com | Chris Menz, CPA, at 314.983.1227, cmenz@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | HIGHLAND, IL
314.983.1200 | 636.255.3000 | 888.279.2792
INFO@BSWLLC.COM | WWW.BSWLLC.COM
Contact Ted Flom, CPA, CISA, CIA at 314.983.1294, tflom@bswllc.com | Tony Munns, CISA, CIRM, CPIM at 314.983.1297,
tmunns@bswllc.com | Chris Menz, CPA at 314.983.1227, cmenz@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
Financial Institutions
The Federal Financial Institutions Examination Council (FFIEC) requires that financial institutions conduct
an independent review of their inforation technology systems each year. This review was designed to safeguard financial institutions customers and is enforced by regulators through the safety and soundness portion of their annual examinations. Brown Smith Wallace information technology systems review ensures
that your information technology system meets the regulatory requirements before the examiner walks
through the door. Using the FFIECs handbook and maximizing our professionals own experience with the
Federal Reserve, we take a comprehensive look at your key technology systems:
Audit
Management assessment
Develop and acquisition
Support and delivery
PC Security
Networking
LAN/WAN operations
E-banking
ATMs and wire transfer options
For more information, contact Ron Present, CALA, CNHA, LNHA, at 314.983.1358, rpresent@bswllc.com.
ST. LOUIS, MO | ST. CHARLES, MO | GLEN CARBON, IL
314.983.1200 | 636.255.3000 | 618.654.3100
INFO@BSWLLC.COM | 888.279.2792 |WWW.BSWLLC.COM
For more information, contact Ron Present, CALA, CNHA, LNHA, at 314.983.1358, rpresent@bswllc.com.
For more information, contact Ron Present, CALA, CNHA, LNHA, at 314.983.1358, rpresent@bswllc.com.
For more information, contact Ron Present, CALA, CNHA, LNHA, at 314.983.1358, rpresent@bswllc.com.
Nine states have not shown significant exchange planning activity. Some of these states made progress in
2011, but ended their exchange planning efforts in the face of increasing political pressure. Planning initiatives
in Kansas, Oklahoma, and Wisconsin were halted earlier this year to await the outcomes of the Supreme Court
ruling and the November elections. Given the federal timetable for implementation, states with little planning
activity to date face an increasing likelihood of defaulting to a federally facilitated exchange.
In May 2012, the Missouri Legislature approved a ballot measure seeking voters input on whether the state
can create a state-based health insurance exchange without approval from the Legislature; such a measure could
prevent Governor Jay Nixon (D) from establishing an exchange via Executive Order. Legislation establishing a
state-based health insurance exchange failed in both the 2012 and 2011 legislative sessions. In June 2011, the
Senate had created the Senate Interim Committee on Health Insurance Exchanges to explore Missouris options
to establish a state-based exchange.
___________________________________________________________________________________________
About Ron Present
Ron Present, CALA, CNHA, is the healthcare services practice leader for Brown Smith Wallace
LLC. With over 25 years of healthcare industry experience, he has in-depth knowledge of the
operational structure of pre-acute, acute and post-acute healthcare environments. Ron
brings clients hands-on experience as both an industry executive and consultant. His
healthcare expertise includes strategic and operational consulting, revenue enhancement
and strategy implementation, reimbursement optimization strategies, turnaround
management, debt restructuring, HIPAA compliance, financial modeling, feasibility studies,
managed care contracting, certificate of need applications, valuations and expert witness
services. Contact Ron at 314.983.1358 or rpresent@bswllc.com.
About Brown Smith Wallace LLC
Brown Smith Wallace LLC is one of the Midwest regions most prominent locally owned public accounting
firms, serving clients with the traditional audit, accounting and tax services as well as a wide variety of business
consulting services. INSIDE Public Accounting has recognized Brown Smith Wallace nationally as a Top Five
Fastest Growing Firm in the $20 $30 million net revenue category. For more information on Brown Smith
Wallace, visit www.bswllc.com.
For more information, contact Ron Present, CALA, CNHA, LNHA, at 314.983.1358, rpresent@bswllc.com.