Calibrook
Internal controls review process

Service — Internal Controls

Understand where your controls are holding — and where they could be stronger.

A structured review of your internal controls gives you a clear, honest picture of how your processes operate in practice. Observations are presented plainly, with suggestions that are proportionate to your organisation's size and circumstances.

Back to Home Start the Conversation

What This Delivers

A clear, honest account of how your internal controls actually function.

When the review is complete, you will have a written report that distinguishes between controls that are operating well, those that could be strengthened, and areas where a gap is present. Each observation includes a brief explanation of why it matters and a practical suggestion for how it might be addressed.

The report is written for the people who will act on it — not for filing. Whether that is your finance director, your audit committee, or an external party requesting evidence of your control environment, the findings are presented in a way that is useful and readable.

A clear picture of your control environment

Strengths acknowledged, gaps identified, and nothing overstated. You will know what you are working with.

Practical, proportionate suggestions

Recommendations are sized to your organisation. We do not suggest enterprise-level solutions to straightforward problems.

Respect for your team's time

We work efficiently and communicate clearly about what we need. The review is conducted with minimal disruption to normal operations.

A fixed fee, agreed upfront

3,200 USD, confirmed before work begins. No scope creep, no billing surprises, no hourly uncertainty.

Understanding the Situation

Many organisations operate without a clear view of how their controls actually hold up.

Controls are put in place with the best intentions — approval procedures, segregation of duties, reconciliation processes — but over time, the way things are documented and the way they are actually done can drift apart. This is not a criticism; it reflects the reality of organisations that are growing, changing, or simply busy.

The difficulty is that without a structured review, it is hard to know where that drift has occurred. Some gaps carry real financial or operational consequence; others are minor. Without examining them, it is not possible to tell the difference — which means either overreacting to everything or, more commonly, not responding at all.

A controls review gives you the information to make those distinctions. It is not an adversarial exercise. It is a structured look at how things work, conducted with your team's co-operation and presented in a way that is useful rather than alarming.

Our Approach

A review built on the COSO framework, applied with judgment and context.

COSO-aligned framework

The review is structured around the five components of the COSO internal controls framework: control environment, risk assessment, control activities, information and communication, and monitoring. Applied proportionately, not mechanically.

Walk-throughs and testing

We do not rely on documentation alone. Key control processes are walked through to understand how they operate in practice, not just how they are described on paper.

Materiality-weighted reporting

Observations are classified by significance. Findings that require attention are clearly distinguished from those worth noting briefly. The report reflects what actually matters.

The Engagement

What the review involves and what to expect throughout.

The engagement begins with a brief scoping conversation — we discuss which areas of your control environment are in scope, what documentation exists, and which team members we will need to speak with. From there, we schedule the review to fit your calendar and confirm what you will need to prepare.

During the review, we examine documentation and walk through key processes with the relevant people in your organisation. Questions are direct and specific. We are not looking for things to criticise — we are building an accurate picture of how controls operate.

A draft report is shared before finalisation. You have the opportunity to raise factual points and understand the observations before the report is issued. The final report is yours to use as you see fit — whether for internal governance purposes, board reporting, or as preparation for an external audit.

01

Scoping and scheduling

Areas in scope agreed, documentation requirements confirmed, team contacts identified. Schedule set to minimise disruption.

02

Documentation review

Existing policies, procedures, and control documentation examined. Gaps between written procedures and actual practice noted.

03

Process walk-throughs

Key control processes followed end-to-end with relevant team members. How controls operate in practice, not just in theory.

04

Draft report shared

Observations drafted and shared with your team for factual review. Findings explained before finalisation.

05

Final report delivered

Written observations with practical suggestions, classified by significance. Ready for internal use, board presentation, or audit preparation.

Investment

A fixed fee. No surprises.

The Internal Controls Review is offered at a fixed fee of 3,200 USD, agreed and confirmed before any work begins. This covers the full engagement — scoping, documentation review, process walk-throughs, draft, and final report.

Fixed-fee pricing means your finance team can plan for the cost with certainty. There are no hourly billing uncertainties and no additions for reasonable follow-up questions after the report is delivered.

Request a Proposal

What is included

Full COSO-aligned internal controls review

Documentation review across agreed scope areas

Process walk-throughs with relevant team members

Draft report for factual review before finalisation

Final written report with observations classified by significance

Practical suggestions sized to your organisation

Post-report debrief with your team on request

Methodology

How we assess and report on your controls.

The value of a controls review depends on the consistency and rigour of the method applied. Here is what shapes ours.

Scope definition

Areas in scope are agreed before work begins. We focus on controls relevant to financial reporting, operational integrity, and compliance, weighted by their materiality to your organisation.

Design vs. operation

We assess both whether a control is designed appropriately for its purpose and whether it is operating as intended. A well-designed control that is not followed in practice offers limited protection.

Finding classification

Observations are classified by significance: items requiring prompt attention, items worth addressing in due course, and areas that are operating well and worth acknowledging. Findings are not presented as uniformly urgent.

Timeframe

Most engagements complete within two to four weeks from the start of fieldwork, depending on the breadth of scope and the availability of your team. Timelines are confirmed at the outset.

Our Commitment

Observations you can act on, presented without alarm.

We commit to a fixed fee, a specific scope, and a report that is plain and proportionate. Findings will not be inflated to make the engagement seem more valuable, and they will not be softened to avoid difficult conversations. The report reflects what we found.

Fixed fee

3,200 USD, agreed before work begins. The fee does not change based on what we find or how many observations appear in the report.

Draft review

You see the observations before the report is finalised. Factual corrections are addressed before the final version is issued.

Plain language

The report is written for the people who will use it. No jargon without explanation, no observations buried in qualification.

Getting Started

A straightforward path from here to a completed review.

Getting started does not require a formal commitment. A short exchange is enough to understand whether the scope fits your situation and to confirm the fixed fee.

Step 1

Get in touch

Send a brief note via the contact form or email [email protected]. A sentence or two about your organisation and what you are looking to understand is sufficient.

Step 2

Scope confirmed

A short conversation to agree which areas are in scope and to confirm the engagement letter and fixed fee. Usually handled within a few days of initial contact.

Step 3

Review begins

Once the engagement is confirmed, we schedule fieldwork around your team's availability and begin documentation review within the agreed timeframe.

Internal Controls Review

Ready to get a clear view of how your controls are holding?

We are glad to talk through the scope and confirm the fixed fee — with no obligation to proceed. The conversation is free and usually short.

Get in Touch

Other Services

Explore related engagements

Statutory Audit

Statutory Audit Engagement

An independent examination of your financial statements conducted to recognised standards. Traceable conclusions, plain language reporting, calm process throughout.

Typical range: 4,500 – 18,000 USD

Learn More

Readiness Assessment

Pre-Audit Readiness Assessment

A supportive review ahead of a formal audit, helping you prepare documentation and address open questions early. Makes the audit itself calmer and more predictable.

Fixed fee: 1,900 USD

Learn More
All Services

Cookie Preferences

Essential Cookies

Required for the website to function. Cannot be disabled.

Always on

Analytics Cookies

Help us understand how visitors use the site (anonymised data only).

Personalisation Cookies

Allow us to remember your preferences for a better experience.

Advertising Cookies

Used to serve relevant advertisements across partner networks.