CONSULTING SERVICES WORLDWIDE
MASP has successfully conducted consulting assignments all over the world for over twenty years on the following main areas of expertise:
Information Technologies Security, Auditing and controls
Internal Controls using MASP proprietary risk-based methodology using highly specific control objectives, COSO and Cobit approaches
Sarbanes-Oxley internal control assessment and testing using the COSO control framework for Section 404 compliance - We collaborate with CPA firms and consulting organizations providing Sarbanes-Oxley advisory services
We offer proven training programs on Sarbanes-Oxley through three seminars, including how to plan for ongoing and sustainable compliance after the initial year.
Control Self-Assessment (CSA) methodologies (MASP offers a rapid deployment package)
Audits of data centers, application systems, systems in development, LANs, advanced networks and emerging technologies
Preparing internal control plans for new emerging information technologies, including client/server and networks
General contingency plan preparation and auditing
Assistance in preparing Business process -oriented and e-commerce contingency plans and reviews of Plan's adequacy. We also offer a ready made contingency plan and business continuity model and a Zero Hour Contingencies Action Plan for crisis management on a license basis. (See Contingency Planning section)
Organizing and restructuring information systems auditing and security departments
MASP provides strategic and tactical-level consulting delivered only by very experienced consultants. MASP's policy is to work in close cooperation with client personnel in order to provide continuity upon project completion, assist in client personnel development and reduce consulting costs.
Through a network of associated consultants in the US and abroad, MASP can draw from additional expertise to provide sound knowledge in several countries. We have unique consulting credentials in Europe and Latin America.
MASP offers client organization flexibility in procuring consulting services based on:
Consulting days
A retainer basis for a pre-agreed number of days over a time period
A fixed project cost basis
A partial list of assignments for banking, industry, insurance, utilities and government organizations in many parts of the world, include:
Advisory services on installing COSO and risk based methodologies for internal control for Sarbanes-Oxley compliance
Training large (multi-billion) and small (under one million) companies in Sarbanes-Oxley compliance, including planning, controls assessment and remediation and planning for future sustainable compliance.
Reengineering of one of the largest Insurance Company's I/S Audit department, developing long-range directional plans for the most cost-effective audit program and worked on a retainer basis to advise audit management in the implementation of the reorganization plans.
Organizing dozens of I/S Audit and security functions for organizations in the US Europe, South America, Australasia and the Middle East.
Providing advisory services to develop corporate-wide management and internal control manuals and Control Self Assessment for the US Department of Agriculture and for other industrial companies. Provided training of top and middle-level management on Risk Management, Design of Internal Controls, and on the Development of Management Control Objectives for Internal Control manuals to comply with government regulations (OMB-A-123, 127 and FMFIA -Federal Managers Financial Integrity Act) for various domestic and overseas agencies.
Conducting reviews of internal controls for multi-million dollar system development projects for major government-related pension and retirement systems, data centers, disaster recovery provisions of banks, government and industrial installations.
Providing co-consulting advisory services for other consulting firms and joint training services with training institutes worldwide.
Structuring contingency and business
resumption plans for companies through licensing our Contingency Model Plan or
providing on-site assistance.
---------------------------------------------------------------------------------------------------------------------------------
CONSULTING
SERVICES IN SARBANES-OXLEY ACT COMPLIANCE AND ACTION PLAN DEVELOPMENT
The deadline for complying with
Sarbanes-Oxley requirements for small and international companies is nearing fast.
Your organization needs to urgently "assess" the status of your internal control
systems for financial reporting and the internal control structure for all business
processes that generate information that will end up in the financial statements.
This is typically phase one of the overall effort. Furthermore, the SEC has
mandated that a sound and acceptable framework for internal control must be employed
by your organization. They also indicate that the COSO internal control framework is the
acceptable framework.
Whether you use a COSO framework or not, you need to evaluate whether:
a)
The COSO approach is being utilized and how well; and
b) The internal controls under the
COSO framework are adequately being addressed.
We can assist your team in this critical assessment process that will help you elucidate what needs to be done to be compliant with sections 302 and 404 of Sarbanes-Oxley.
In order to
effectively accomplish this crucial task, your organization no doubt also needs a
practical risk assessment and risk prioritization methodology to accomplish the analysis
phase. Applying this risk assessment methodology will highlight those areas of high
exposure that should receive the "highest" level of internal control attention.
MASP has such a methodology. We have successfully used this methodology
in consulting and training assignments for decades worldwide.
We
have trained hundreds of risk management professionals and regular employees on how to
conduct these risk assessments in a very short time period. The methodology is so
practical and simple that it can be taught to people with all educational levels and
without any previous experience in risk assessment in a matter of hours via hands-on
workshops using their real-life situations.
Whatever you need:
We can assist and supplement your internal Sarbanes-Oxley compliance team. We can
also assist you in preparing a detailed compliance plan of action using a top-down
strategy. This strategy considers your organization's mission statement objectives
with an enterprise-wide vision as opposed to a narrow information technologies view of the
problem.
We also collaborate with CPA firms and consulting firms to complement their expertise and
internal resources that may be overcommited to clients.
Contact us at: admin@masp.com or call: 781-235-2895.
MANAGEMENT ADVISORY SERVICES & PUBLICATIONS (MASP/CPR-I) - P.O. Box 81151 - Wellesley Hills, MA 02481-0001
(781) 235-2895 - Fax: (781) 235-5446
- e-mail: info@masp.com.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
CONTROL SELF-ASSESSMENT - RAPID INSTALLATION PROGRAM
We have installed Control Self-Assessment programs and can provide a "rapid deployment" or "quick start" consulting and training package to help you install your own "Control Self-Assessment Programs with audit/control and line personnel's active participation in facilitation sessions dealing with actual company operational problems in record time.
Your staff is equipped to take over to minimize consulting/training costs. This includes a proprietary a manual on "Guidelines for Implementing and Facilitating CSA Programs", and a risk analysis methodology.
We have a unique and proven methodology and implementation manuals for Control-Self-Assessment Programs. We can help you in install CSA programs world-wide.
We welcome your inquiry
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
CONSULTING SERVICES IN DEVELOPING SERVICE LEVEL AGREEMENT (SLAs) FOR APPLICATION SERVICE PROVISIONING (ASP)
The key to outsourcing IT applications and services to Application Service Providers (ASPs) is to develop a sound set of Service Level Agreement (SLA) requirements that your company insists upon as a minimum to be willing to outsource IT applications and services with an acceptable level of trust. The young ASP outsourcing model, while economically attractive, lacks a set of firm standard SLAs. Outsourcing without a clear set of SLAs is extremely risky. Management Advisory Services & Publications (MASP) has devoted person years of effort to developing criteria and contents for SLAs. It provides consulting services to assist your organization in developing effective service level agreement (SLAs) packages to help you in selecting and negotiating with ASP outsource service companies. Our advisory services include:(781) 235-2895 - Fax: (781) 235-5446
- e-mail: info@masp.com.