Print Friendly, PDF & Email

IT Advisory

AAFCPAs’ integrated advisory practice strengthens the links between technology, processes and finance, and drives sustainable change and valuable process improvements.


IT, Process Controls, and Business Advisory Services

US businesses invest billions of dollars annually in information technology to boost their productivity. However, while companies continue to spend more on IT, many lack the expertise and resources necessary to quantify and maximize technology ROI.

AAF’s Business & IT Advisory Services advisors are corporate managers and technologists with a broad understanding of business, making us uniquely qualified to advise clients in making sound business decisions regarding business processes, IT systems, and performance controls.

AAF has a comprehensive understanding of how all the pieces of infrastructure, development, data processing, security and regulatory compliance should best fit together. Our impact has been known to raise the return on investment of technology, expand IT’s impact on the performance of your business, and add efficiency to processes while maintaining a focus on the effectiveness of internal controls.

IT Audit/Attestation

  • System and Organization Controls Reports®– Internal control reports on the services provided by a service organization providing valuable information that users need to assess and address the risks associated with an outsourced service
    • SSAE 18 examinations (SOC 1) (Formerly SAS 70, SSAE 16)
    • SOC 2, SOC 2+ and SOC 3
    • SOC for Cybersecurity – A reporting framework through which organizations can communicate relevant useful information about the effectiveness of their cybersecurity risk management program and CPAs can report on such information to meet the cybersecurity information needs of a broad range of stakeholders
  • HITRUST CSF self-assessment consulting, or SOC 2 + HITRUST for assessing against the evolving compliance landscape shaped by HITECH, HIPAA, CMS and various other federal, state and business requirements
  • Preparation for SOX 404 and internal audit for management’s assessment
  • IT audit

Business Process Improvement

IT Advisory

  • ERP and financial package selection
  • IT strategy
  • Cybersecurity assessment
  • Privacy assessment
  • Data analytics and fraud detection
  • Leveraging the cloud
  • Outsourcing strategies

AAFCPAs’ integrated Business & IT Advisory practice strengthens the links between technology, processes and finance, and drives sustainable change and valuable process improvements. AAF applies a pragmatic, business perspective to every IT investment, and focuses on making a competitive difference, increasing productivity, generating new revenue, and reducing costs.

Each member of our Business & IT Advisory services team has broad and deep domain expertise and over 20 years of success applying proven security principles to businesses and nonprofit organizations. The AAF IT Advisory Practice includes senior level advisors with both operations and consulting experience, who are former Controllers, Chief Financial Officers, Chief Information Officers, Chief Information Security Officers, and/or IT directors. Our professionals are visionaries, pragmatists, value creators and relentless cost cutters.

We provide solutions for very small companies (5 employees) through sophisticated midmarket organizations (~3,000 employees). Our exceptional value comes from delivering proven solutions with that ideal combination of expertise, service, and price.