EisnerAmper scales its Risk Assessment Services with Cyber360

EisnerAmper LLP, one of the largest professional services firms in the world, is a premier accounting and business advisory services firm. EisnerAmper provides audit, accounting and tax services; valuation, due diligence, internal audit and risk management, litigation consulting and forensic accounting; as well as technology, compliance and regulatory, operational consulting and other professional services to a broad range of clients, including services to more than 200 public companies. The firm features 180 partnersand principals and 1,500 professionals. For more information www.eisneramper.com

Business Challenge

Organizations today face a rapidly increasing array of risks. From compliance to technology to operational risk, companies and boards of directors are constantly identifying challenges in assessing, preventing and mitigating the evolving threats that confront their companies daily.

These companies turn to EisnerAmper to bridge the gap between a company’s operational, financial, and technological departments to identify gaps in internal controls, develop a roadmap to implement pragmatic solutions to remediate risk, and/or create an action plan to respond to issues after a breach.

To deliver on their corporate goals, EisnerAmper often performs Cyber Risk Assessments, which provide clients with a checklist of where their current IT gaps are compared to their peers and what the potential financial impacts are based on their current position.

That said, prior to adoption of CENTRL, the process for performing these operations was manual; doing the best possible within MS Office. The team would send out a questionnaire in Word/Excel, review replies with the client, and provide a better version in Word/Excel as the final deliverable. Throughout the process, Eisner analysts had to work around the limitations of MS Office—from its clunkiness, to its lack of real time syncing, and its limited ability to insert visuals such as heatmaps.

Consistently focused on uncovering ways to deliver more value to clients, Partner in the Process, Risk and Technology Solutions (PRTS) Practice at EisnerAmper, Jerry Ravi,encouraged his team to find and leverage new technology where applicable to better serve clients. They found that in CENTRL’s Cyber360 Cyber Risk Assessment Platform.

What Cyber360 delivers for EisnerAmper

Having migrated their Cyber Risk Assessment practice process into CENTRL’s Cyber360, EisnerAmper can leverage the best-in-class compliance frameworks such as NIST, CIS Top 20 Controls, COBIT, CSF, and all the others which are all included in Cyber360 out-of-the-box. The firm also appreciates the flexibility of being able to customize to match and replicate their proprietary frameworks and methodologies developed over the years from performing a large number of these assessments across the industry.

Efficiency: In terms of efficiency gains to the Cyber Risk Assessment process, Kevin continued, “I found myself going in and asking the consultants to verify hours entered, as what they had entered was considerably lower than the usual time required, now using CENTRL. Jobs that normally take 50-60 staff hours of time, were coming in at 20-30 total hours,” an improvement of 33% to 50% time on projects. Kevin added further, “generally speaking, Cyber360 has saved us at least 20-30% time across the board”.

User Friendliness: The assessment approach that EisnerAmper leverages often includes over 200 questions. “The clear and concise user interface helps us quickly move through them and speed things along,” continued Tyler. “For new team members we are able to get them orientated and up-and-running on the tool very quickly, with just a few clicks, and then out contributing and using the tool in engagements from the get-go,” added Kevin.

Increased Income: Allowing EisnerAmper to adjust their pricing for clients who previously didn’t have as high of a willingness to pay for Cyber Risk Assessments, EisnerAmper is now able to offer them the service at a rate to capture their business. “The tool just helps us document and follow up so much more efficiently, which in turn is bringing in more profit for the firm as we are able to serve more clients and capture more of the cyber risk assessment market,” added Tyler Dwyer, Senior Associate in EisnerAmper’s PRTS practice.

Advanced features and analytics: Favorite features of CENTRL from EisnerAmper include the ability to create scaling and grading – including the ability to place critical items on a scale from red to yellow to green to help make it clear to clients their priorities and where actions should be taken. Also, the new ability to quantify impacts based on data and inputs much more precisely than was possible before.

Experience with the CENTRL Team: “Everyone at CENTRL is very responsive, they are very good about following up to keep things moving along, it’s been a very positive experience with the team,” stated Kevin. He continued: “We’ve even requested specific types of dashboards like the heatmaps and yellow-red-green meters, and the CENTRL’s development team has been very responsive and added them directly to the platform”.

IN CONCLUSION

“Especially in today’s world where we are all connected, the ability to pull up the tool directly with the client in the meeting, document live with them in the tool the answers and corresponding scores and reasoning for them, rather than needing to come back with notes tabulated later, has been a game changer,” concluded Kevin Brady at EisnerAmper. “Now, with CENTRL, it’s just go fill in the information, risk rank the answers, score them, and you get an output that you can pull from to design your presentation based the output’s visuals to tell the story.” He continued, “the tool really gets everything into a single place, all the clients we are managing throughout the year, and facilitates that whole process.”

GOING FORWARD

EisnerAmper has already begun to expand the use of the CENTRL platform into other areas such as Due Diligence Reviews, and IT Audit, Process, Risk and Controls Assessments. The firm is continuously exploring new ways to put to use CENTRL technology, both for expanded ways to put it to use for existing processes where it’s in use today as well as well as leveraging new enhancements. The team is impressed with the flexibility of the CENTL platform and is always interested in new uses and applications of the technology that may benefit its clients in the future.

“The tool just helps us document and follow up so much more efficiently, which in turn is bringing in more profit for the firm as we are able to serve more clients and capture more of the cyber risk assessment market “

Tyler Dwyer, Sr. Associate in EisnerAmper’s PRTS Practice

To download a copy of this case study, click here.