The operations of the U.S. government are complex, and integrity and resilience are vital to upholding the public trust. As the global leader in financial and risk management consulting, we understand the challenges of the federal environment and offer unparalleled capabilities to respond. We believe it is critical for the public sector to have the same advantages and capabilities in technology and methods as those used by the private industry.


Contact Protiviti


Internal Controls Solutions

Through the Protiviti Team, the federal agencies have access to capabilities that will deliver exceptional levels of internal controls and audit, and unparalleled quality risk management programs:

  • Complete A-123 Internal Controls program – strategy to execution
  • Business process improvements and corrective actions
  • Audit services including forensic auditing
  • Operational Risk Management program to manage risks and risk appetites in areas generally not covered by A-123, including Dodd-Frank 961 Internal Control compliance
  • Access to proven tools and methodologies


Protiviti Expertise

Since 2002, unlike many large, national consultancies, Protiviti has made it its business to bring innovation, thought leadership, proven methodologies, advanced tools, and experienced personnel to not only serve our SOX 404 clients, but to make available to all organizations and entities performing internal controls assessments.

As the first publisher of the Frequently Asked Questions Regarding the Sarbanes-Oxley Act Executive Certification RequirementsGuide to the Sarbanes-Oxley Act: Internal Control Reporting Requirements - Frequently Asked Questions Regarding Section 404, and Frequently Asked Questions Regarding Compliance with OMB Circular A-123, Protiviti has been answering hundreds of questions to both the public sector and the private industry to assist in SOX compliance.

Serving as the foundation for our A-123 knowledge, Protiviti's Governance Portal ( is a web-enabled process and knowledge management electronic repository. Providing internal control documentation, evaluations, testing results, corrective action plans and progress tracking, it serves hundreds of Protiviti clients today.

The Spend Risk Assessor (SRA) is a proprietary web-based software application designed to analyze performance and assess risk across an organization's purchase-to-payment process. The SRA aggregates spend data across multiple systems, agencies, departments, locations and other units to identify risk such as improper payments, unusual invoice vouchering and inefficient purchasing activity. These web-based applications are some examples of the tools developed to facilitate cost-effective and sustainable compliance activities.

Protiviti performs forensic auditing services for the General Services Administration’s (GSA) Telecommunications and Ordering Pricing System (TOPS) Region 9 operations. The work includes analyzing an array of accounting reports to identify errors, omissions, and other issues. These reports include comparison reports, trending reports, manual invoices, and local service provider documents. Protiviti also reviews account setup and pricing in TOPS to ensure all billing and invoice items are up-to-date and accurate.


Why Protiviti

Protiviti is a recognized leader in both internal controls, and audit and risk management consulting with patented tools and technology that are helping large organizations identify and solve technology, finance, and human capital risks.

  • Sustained and Optimized Internal Controls Programs: Apply proven methods for establishing sustainable internal control programs that incorporate techniques of controls self-assessment, continuous monitoring and control rationalization.
  • Proven Technology and Technical Knowledge to Meet Business Objectives: Apply GRC technology knowledge and Protiviti’s market-leading Governance Portal for improved management and monitoring of risk programs.
  • Delivery of Thought Leaders and Subject-Matter Expertise: Access to recognized industry-leading consultants in ERM, GRC Technologies, regulations, and financial management.

Protiviti is currently assisting organizations around the world with their work plan development, risk assessment, documentation, controls design evaluation and operational effectiveness testing. We also help with corrective action activities that are part of the organizations’ assessment of internal control over financial reporting. We have a proven methodology and approach in conducting internal controls assessments and providing the basis for management's assessment. We leverage our institutional knowledge to enhance compliance programs that are implemented by the agencies in order to achieve the highest possible standards of performance on the financial management component of the President's Management Agenda (PMA).