top of page

We help you comply with the Sarbanes-Oxley Act of 2002 and NI 52-109 while supporting your business by:

  • Developing a risk-based, top-down approach to ICFR certification, including insight into the regulatory landscape and a clear picture of the project

  • Documenting the ICFR process and activities

  • Testing the ICFR process and identifying any gaps that management could resolve or self-identify prior to certification (and their audit, if required)

  • Reviewing control mapping

  • Performing a general IT controls review

  • Performing an application segregation duties review

  • Assisting with risk management activities

  • Providing process improvement activities


Getting the most from compliance.


While often seen as a time consuming and complex requirement, ICFR compliance can provide the opportunity to reduce audit costs, improve operational efficiencies and minimize risk-- the difference is in the approach.


Using a generic approach may seem the easiest solution given constraints on capacity and the knowledge required. However, it can also often lead to over-documentation (and therefore over-testing) through the application of inflexible templates. The end result: a program that meets regulation requirements, but doesn’t do much to help your actual business.


At Decision Point, we have a proven methodology that allows clients to effectively navigate the requirements while achieving efficiency. We do this by working with you to create an approach that considers your unique needs while addressing your company’s key risks within the right scope of processes and with only the most efficient controls.

To see how our tailored approach can benefit your business and estimate your advisory fees, try out our calculator below.

  • Health Check: What are the Gaps?
    If you, your Board or Executive Leadership team want to know your company’s strengths and weaknesses with respect to Cyber Security, this is the right stage for you. With our in-house health check, we will complete a high-level review based on industry cyber security standards such as ISO and NIST to determine where you’re most vulnerable. Once we know where you stand, we’ll help you assess the risks for your specific business and determine the critical gaps and key areas in need of improvement. The result is a prioritized list of recommended action items to safeguard your company’s information. Contact us today to get the most from your Cyber Security efforts.
  • Cyber Roadmap: What's the Plan?
    You’ve identified the gaps in your Cyber Security, but what’s the best way to address them? Even the best laid out plan won’t work if it doesn’t align with your business operations and strategy. Our Cyber Roadmap offers a tailored, manageable plan that integrates key Cyber Security action items, based on priority and need while considering operational aspects such as available funds & resources. And since we focus on your organization as a whole, you’ll have a guideline that can lead you to successful data protection & Cyber Security. Contact us today to get the most from your Cyber Security efforts.
  • Incident Response Planning: Are You Prepared?
    You’ve put the time and effort into implementing a Cyber Security program, but with the ever changing & complex technological world as well as the increasing threat and likelihood of a cyber attack, your work doesn't end there. With your specific business in mind, Decision Point Cyber Security Advisors can help you create a proactive and robust Incident Response Plan so that when a breach occurs you are appropriately prepared to respond: giving your shareholders, customers, and Board the peace of mind they want. Contact us today to get the most from your Cyber Security efforts.
Insight for Your Industry.

Every industry is unique and has its own approach to manage business and regulatory requirements – just like your business. Our experienced team provides insight and pragmatic solutions spanning several industries.


Junior exploration, construction/development and producers all have their unique challenges. Whether it is managing the regulatory compliance landscape and meeting internal controls compliance or managing risks on a construction project or implementing a process improvement initiative at the mine site, our experience allows us to bring the optimal balance of best practice and practical solutions.


From credit unions to broker/dealers, our team has worked with a variety of financial institutions on their most pressing needs. Whether it is a cyber security review, designing a balanced scorecard for the organization or assisting with the implementation of a new system, we bring a pragmatic approach to all our work and ensure that our clients are provided with solutions that are sustainable.


The public sector is unique in that organizations have accountability to a much broader set of stakeholders than any private company. Layered on top of the high expectations is usually a myriad of regulations and compliance requirements. We have helped public sector entities with compliance with policies such as FOIPPA, international trade agreements or addressing findings from oversight bodies.


The BC manufacturing sector is a significant part of our economy. Managing the balance of containing costs, human resources and capital investment, is an art that management must master to succeed. Areas where our team has helped include process improvement, risk management, internal control certification and information technology security health checks.

The Decision Point Difference


Working with the experienced Decision Point team, you'll have access to specialized knowledge and a customized approach that solves your business' unique operational challenges.

bottom of page