Getting the most from compliance.


While often seen as a time consuming and complex requirement, ICFR compliance can provide the opportunity to reduce audit costs, improve operational efficiencies and minimize risk-- the difference is in the approach.


Using a generic approach may seem the easiest solution given constraints on capacity and the knowledge required. However, it can also often lead to over-documentation (and therefore over-testing) through the application of inflexible templates. The end result: a program that meets regulation requirements, but doesn’t do much to help your actual business.


At Decision Point, we have a proven methodology that allows clients to effectively navigate the requirements while achieving efficiency. We do this by working with you to create an approach that considers your unique needs while addressing your company’s key risks within the right scope of processes and with only the most efficient controls.


We help you comply with the Sarbanes-Oxley Act of 2002 and NI 52-109 while supporting your business by:

  • Developing a risk-based, top-down approach to ICFR certification, including insight into the regulatory landscape and a clear picture of the project

  • Documenting the ICFR process and activities

  • Testing the ICFR process and identifying any gaps that management could resolve or self-identify prior to certification (and their audit, if required)

  • Reviewing control mapping

  • Performing a general IT controls review

  • Performing an application segregation duties review

  • Assisting with risk management activities

  • Providing process improvement activities

Controls are meant to protect the things that matter.

Companies that haven’t defined what matters attempt to address every risk with a control, regardless of importance. The result is redundant, irrelevant work and “deficiency noise” (reporting of control deficiencies that don’t matter) that can distract from the real risks you are facing.


We identify key business processes from both a compliance and operational standpoint, scoping out the less important, to ensure your ICFR program only focuses on what really matters to your business.

Focusing on the right risks.

Your organization has finite resources, so you want to make sure you effectively prioritize your control testing and remediation activities.

We help you identify the risks to your business, and their significance or likelihood of occurring, to ensure sufficient but not excessive work is performed.

Get the most from your regulatory efforts. Contact us today.

Insight for Your Industry.

Every industry is unique and has its own approach to manage business and regulatory requirements – just like your business. Our experienced team provides insight and pragmatic solutions spanning several industries.


Junior exploration, construction/development and producers all have their unique challenges. Whether it is managing the regulatory compliance landscape and meeting internal controls compliance or managing risks on a construction project or implementing a process improvement initiative at the mine site, our experience allows us to bring the optimal balance of best practice and practical solutions.

The Decision Point Difference

Working with the experienced Decision Point team, you'll have access to specialized knowledge and a customized approach that solves your business' unique operational challenges.