Skip to content Skip to footer

Loading Results

Risk Assurance

The business environment is rife with risk. The challenge lies in staying ahead of those risks and preparing accordingly. Insight and independent assurance provide an invaluable safeguard in today’s complex operating environment. We can help you protect and strengthen every aspect of your business, from people to performance, systems to strategy, and business planning to business resilience.

Internal audit effectiveness

Should you be expecting more from internal audit? Enormous value can be gained when the expectation gap is closed. Capture this unrealized potential through value-added services and proactive strategic advice.

Providing performance assurance

How can you make sure your business is trusted by customers, partners and investors in a world of constant change and complexity? 

Managing risk in IT

IT risks affect your whole business, not just your IT-centric functions. The speed of technology change means that managing the immediate and long term impact of risks is much more than incident management. 

Business resilience

Resilient businesses have the ability to protect against, or adapt to, short or long term change. In a world that’s just getting riskier, any organizations lacking this ability are susceptible to business failure. 

Optimizing controls

A variety of ever changing external and internal factors impact what you need to monitor and how you need to report. In order to stay ahead of the curve and have a realistic view of what’s ahead, you need to get more out of your controls. 

We use the right combination of services to bring integrated solutions to your complex problems. Our approach yields practical solutions, not hefty reports, so you can easily strengthen every aspect of your business and tackle the future head on.

Specific areas include:


Internal Audit

Being able to spot operational issues and opportunities on the horizon is essential if you’re going to manage risk and optimize your business performance. We provide a full range of capabilities – from complete outsourcing to co-sourcing to project-by-project assistance – to help you lift performance and transform the role internal audit plays within your organization. Our IA practice also includes Quality Assurance Review (QAR) and setting up an IA function.

IT Risk Assurance 

We can help your organization identify, understand and manage key IT risks so you can achieve the best performance and keep your critical assets safe. Our holistic approach covers the entire risk assessment lifecycle, touching everything from IT controls, IT compliance, IT project governance and data mining. Our practice includes: 

  • ERP Controls

We can help you get the best performance and value from your ERP investments so you’re managing risk while balancing the right set of controls. We can help design, implement and maintain strong ERP controls that remain embedded in your day-to-day processes. 

  • Data Assurance and Analytics

We can assist you in improving the integrity of your business data so you can feel confident that the information generated is trustworthy and can help you make the right decisions. We can also help you manage this data in the most robust and detailed manner possible, with a particular focus on data analytics, data assurance and transformation.

  • Cybersecurity

We can help you shape a broader strategic response to cyber risk by helping you to understand your current capabilities and target your investment in the right places.

Performance Assurance

Building and maintaining trust have never been more important. We provide an independent perspective on financial and non-financial performance issues so you can proactively demonstrate to your stakeholders that you remain compliant while managing your operations and risks. Our practice includes:

  • Third party assurance 

Specialization offshoring, outsourcing and cost cutting is the reality of business today. Your reliance on third parties will only grow, so you need to create an ecosystem of trust where you have a clear line of sight between the promises you make and the people who are accountable for delivering them (e.g., SSAE 16, ISAE 3402, ISRS 4400, ISO 27001, ISO 9001, and ISO 22310 readiness and assessment reviews).

Business Controls Advisory

We can help you plan your approach to controls design and operations so you can accurately identify, assess and report on your risks. We’ll work with you to assess controls design at specific points during the business change lifecycle, lead/deliver a controls design work stream, develop and implement training, and create a culture of risk awareness in every facet of your organization.

Business Resilience

Using the PwC network, we can advise on both your sustainability aspirations and your commercial realities, and make those two agents work together. Climate change advisory, system certifications, sustainability reporting and assurance, and corporate responsibility strategy are just some of the ways we can help you address the business issues of a changing world. Our practice includes:

  • Regulatory compliance

No industry or company is untouched by the impacts of regulation. But are you letting regulation happen to you, or are you embracing the opportunities compliance can bring? We’ll help you prioritize what matters most and keep an eye on the regulatory changes that lie ahead so you can improve the processes, technology and data essential for successful short and long term compliance.

Contact us

Geraldine H.  Apostol

Geraldine H. Apostol

Internal Audit Partner

Tel: +63 (2) 8459 3040

Maria Rosell S. Gomez

Maria Rosell S. Gomez

Risk Assurance Partner

Tel: +63 (2) 8459 3184

Follow PwC Philippines