The business environment today rewards organizations that are able to not only identify their business risks but effectively and efficiently manage those risks and unleash their true potential. To help you in this endeavor, our RI CPAs offer a broad suite of financial advisory services.


For companies looking to improve their internal controls, operations or business processes. Our services also include engagements to assist management with the development of policies and procedures. Examples include:

  • Internal Controls Improvement — companies looking to streamline controls for efficiencies/cost savings; or need to strengthen or redesign internal controls.
  • Operational Reviews/Business Process Improvement — companies looking to develop efficiencies in their internal financial reporting cycle.
  • Policies and Procedures Development — companies looking to design, develop & document business processes (e.g. all elements of a financial reporting cycle)—at a people, process, or technology level.

Improving Operations, Performance and Profitability

In order to keep pace with the dynamic marketplace, demands on today’s organizations are increasing and the result oftentimes also increases complexity. Processes that were once successful often become cumbersome and inefficient. To maintain growth, organizations must remain flexible, agile and profitable. Meeting these demands requires repeatable and sustained performance across the entire organization to support the ever evolving needs of the business.

Today’s organizations are faced with a dynamic marketplace. The economic and business environment as well as the lightning-fast pace of technological advancement have contributed to fierce competition; increased complexities; deadline-driven agendas; and rapidly aging processes that often become quickly obsolete.

Management needs to not only keep pace with rapid technological innovation but also the ever changing needs of customers and stakeholders. Whether it is people, process or technology, management is increasingly asked to get more done with less. At DiSanto, Priest & Co. we help our clients optimize processes by leveraging technology as a business tool and at the same time considering the impact on your people. We work with clients on all aspects of their processes from core operations on through to the financial closing cycle.

We Offer

  • Process redesign
  • Profitability improvement
  • Process mapping

If your organization is struggling with time consuming and inaccurate or inefficient processes come talk with our team of professionals. We collectively have decades of experience across a multitude of industries and can help you meet your strategic goals.


Internal Audit Services-Outsourced and Co-Sourced

For companies looking to outsource their internal audit function or “co-source” certain areas of their internal audit function (specific audits or entire areas of the internal audit function).  This typically involves highly skilled areas, such as the Information Technology audit area.

Managing Risks and Achieving Your Strategic Objectives

Companies today operate in a challenging environment where risk and reward must constantly be evaluated to maximize return for the organization.  The role and value of internal audit is always changing due to economic conditions, organizational structure, M&A, and a multitude of additional risks.

Today’s internal audit function endeavors to be a strategic partner with management by promoting effective controls, and improving corporate governance.

DiSanto, Priest & Co.’s internal audit practice provides the customized assistance you need whether you are a technology company, government contractor, nonprofit organization, educational institution or a manufacturing company. DiSanto Priest consultants have in-depth industry knowledge to support the internal audit mission in a multitude of compliance and regulatory environments. We offer a full array of services that are particularly important when budgets are tight and resources are stretched.

By employing a process-oriented approach, we focus on aligning the right internal controls with company risks. Business processes are reviewed and evaluated for their impact on existing practices.  With DiSanto, Priest & Co. as your internal auditor, you will have confidence that you are receiving service from a credible and well-respected firm.  Our team possesses three key qualities necessary to suit your internal audit needs:

  • Substantial knowledge of internal controls;
  • Broad industry experience; and
  • Business process and information technology experience.

We Offer

  • Outsourced & Co-Sourced Internal Audit Services
  • Audit Committee Advisory
  • Information Technology Audits
  • Financial Controls & Sarbanes-Oxley Compliance
  • Fraud Risk Assessments
  • Internal Audit Plans & Transformation
  • Specialized Internal Audit Skills
  • Operational & Financial Internal Audits
  • Enterprise Wide Risk Assessment


For organizations looking to prepare for or maintain compliance with The Sarbanes-Oxley Act of 2002 (aka: “Sarbanes Oxley”). One example of its key provisions is Section 404 which addresses Assessment of Internal Control. This provision requires management and the external auditor to report on the adequacy of the company’s internal control on financial reporting (ICFR). It is considered the most costly aspect for companies to implement. However, standards for compliance, guidance and practice have evolved since its enactment. DiSanto, Priest & Co. uses these evolved standards to assist management with their Sarbanes Oxley responsibilities, maintain compliance with the law, and help alleviate costs.

Commitment Beyond Compliance

Over the years, our team has worked with multiple commercial clients to assist them in preparing for or maintaining compliance with the Sarbanes-Oxley Act, and to evaluate, document and improve the effectiveness of their internal controls over financial reporting. We understand the need to integrate the responsibilities of the internal audit function with the need to satisfy Sarbanes Oxley related compliance requirements.

The DiSanto, Priest & Co. internal audit framework takes both an entity-level and a process-level view of the business utilizing the following methodology:

  • Project planning: analysis of financial statements and disclosures to identify significant business units & processes
  • Assessment of design and effectiveness of the system of internal controls
  • Assessment of the current maturity level of the internal controls system
  • Identification of weaknesses and gaps
  • Development of remediation plans
  • Design of a management assertion support process.

DiSanto, Priest & Co. adheres to the standards of the Institute of Internal Auditors regarding the nature, timing and extent of work. The experience we have encompasses the full life cycle of the Sarbanes-Oxley process.

Regardless of our role—whether it is a co-sourced or outsourced provider of your internal audit—as your Sarbanes Oxley compliance servicer, DiSanto, Priest & Co. will maintain independence and objectivity. Documentation and testing of the internal controls can be an important component of, and therefore utilized by, your third-party external auditors as they plan and perform audits of your financial statements.

We Offer

  • Design and Development of Control Framework
  • Self-Assessment Design
  • Control Documentation
  • Controls Remediation
  • Control Sustainability Consulting


For organizations looking to manage risk relative to attainment of strategic corporate goals.  All organizations – big or small, public or private – have risks they must proactively manage in order to survive and succeed in today’s marketplace.  This engagement defines risk associated with organizational, operating, regulatory, reputation, etc.; assigns a risk level to each; then designs a program to “manage” these risks, so you can concentrate on maintaining value for the organization and its key stakeholders.

A Commitment to Strategically Aligning Corporate Goals and Risk

Today’s business environment is dynamic, complex and increasingly global.  On a daily basis, companies are exposed to unprecedented levels of risk in virtually every aspect of their organization.  This trend is only expected to continue to escalate at an alarming pace.  In the meantime, company management is confronted with an increasingly difficult task—to manage risk and provide value for investors.

For a number of years now, Enterprise Risk Management (ERM) has served as the leading global approach to managing and optimizing risks. The process includes identifying, analyzing, overseeing and monitoring the potential risks to an organization.  However, the most critical element to a successful ERM process is the linking of identified risks to strategic corporate goals.  At DiSanto, Priest & Co., we work with you to employ a well-structured ERM program that incorporates this critical element, thereby allowing your organization to reduce risk exposure to an acceptable level while still maintaining value to the organization and key stakeholders.

We Offer

  • Strategic risk management design and implementation
  • Strategic goal and Risk identification and definitions
  • Risk management maturity and performance
  • Corporate governance assessment and design
  • Risk tolerance assessment
  • Board and Key Management ERM facilitation


We Offer

  • Service Organization Control (SOC 1) Report No.1 (formerly SAS No. 70)
    • Examines internal controls at a service organization that impact user entity’s controls over financial reporting
  • Service Organization Control (SOC 2) Report No. 2
    • Examines the internal controls at a service organization with respect to the trust service principles; Security, Availability, Confidentiality, Processing Integrity and Privacy
  • Service Organization Control (SOC 3) Report No. 3
    • Involves the same procedures as a SOC 2 examination without all of the details which allows the report to be more widely distributed, and most often used as a marketing tool

We Help You

At an ever increasing speed, companies are using outside Service Organizations to perform activities that are core to their business operations.  They do so to focus time, energy, and resources on those activities that are central to their long term success.  However, with the need to outsource comes an equally important need for more trust and transparency with the outsourced service company’s operations, processes and results.  Customers need assurance that Service Organizations can perform as advertised, deliver what was promised, and continue to meet established expectations, year in and year out.  Management within an organization that has chosen to outsource want their Service Organizations to provide assurance over a range of general and industry specific concerns:

  • Security
  • Availability
  • Confidentiality
  • Processing Integrity
  • Privacy

DiSanto, Priest & Co. performs the following Third-Party Assurance (Service Organization Control – SOC) reporting services:

  • Financial reporting controls
  • Data security
  • Privacy
  • Regulatory compliance
  • Service Level Agreements
  • State and Federal Information Security laws

A Tailored Approach

At DiSanto, Priest & Co. we understand Service Organizations and their client base. Together, we work to provide a solution that can save considerable time, money and effort.  We start by first determining if your organization needs a SOC report, and then provide a solution that most closely aligns with strategic and project goals.

Our tailored approach to providing these specific assurance services make it possible for you to approach both existing and prospective customers with confidence and to convey trust and transparency.  If you must address subject matter that does not appear satisfied by any of the Service Organization Control (SOC) reports, a customized attestation report using another AIPCA attestation standard may be the missing piece to the puzzle.  DiSanto, Priest & Co. can help you find that missing piece.


  • This field is for validation purposes and should be left unchanged.