Enterprise Risk Management / Governance, Risk and Compliance
Getting the Best Practices in Place
We provide expertise and best practices to help our clients establish and maintain effective risk management functions. To ensure effective risk identification and risk management, we offer the following:
ERM Implementations and Risk Assessments
We work together with boards and executive management with the creation, operation, and maintenance of an enterprise-wide risk management function. This process includes selecting a risk management framework, establishing a risk appetite, identifying and assessing risks across the organization, and developing effective risk mitigation strategies.
GRC Implementations / Common Controls
We help management develop a coordinated strategy to manage the broad issues surrounding corporate governance, risk management and compliance with multiple laws and regulations. This effort is generally performed by integrating a set of common controls to meet the requirements of multiple compliance initiatives.
IT Controls for System Implementations
For strategic and IT initiatives, we provide independent project oversight and quality advisory services. We can perform either pre-implementation or post-implementation assessments surrounding project management practices, process design, data conversions, access controls design, and key configurations.
We advise and assess organizations with their plans and objectives related to the development, maintenance and testing of their crisis management, business continuity, and disaster recovery efforts.
CPA, QSA, ERM-57 CertifiedPresident and Co-Founder of The Cadence Group
Member of AICPA, UACPA, IIA and ISACA
As a co-founder of The Cadence Group, Gordy has worked with several large companies across a range of enterprise risk management functions. From a technical perspective, Gordy has managed various internal audit relationships, information security reviews, Sarbanes-Oxley projects, and SOC (System and Organization Control) reporting and agreed-upon procedure engagements. His core expertise is in designing and assessing IT and automated business process controls.