Introducing Case B

This organisation is one of the Big Four international firms specialising in audit, tax, consulting and financial advisory services. It focuses on providing clients with high quality services through a global strategy executed locally in nearly 140 countries with the help of approximately 165000 people worldwide.

5.5.1. Overview of the Egyptian Member

Audit Firm B was established in Egypt in 1950s. It is considered to be one of the leading firms in Egypt and the Middle East. In Egypt, the firm provides its services to multinational companies, large national corporations and prominent private businesses as well as public sector companies and banks. It employs about 350 staff members. The firm claims that its staff possess specialised knowledge, strengthened by the global resources and expertise of their international organisation, allowing them to provide high quality services to their clients.

163 5.5.2. Professional Services

This firm claims that it renders different services to their clients including:

Tax services: the team who renders this service aims to keep their clients aware of any developments of tax laws that may affect their business. In addition, the team indicates that they can help clients to interpret the significance of these laws and consider their effects on business strategy.

Consulting: the consulting division indicates that it provides customers with the help needed to perform any required changes in different areas. These areas include enterprise applications, human capital, strategy and operations, technology integration and outsourcing. The consulting division tries to help their clients to run their business more effectively and efficiently, improve the cash flow and cut costs, gain a competitive edge, and expand their financial management capability.

Financial advisory service: this service provides strategic and financial advisory services to clients throughout the phase of the economic cycle. It comprises five distinct but related global service lines whose shared principal objective is the creation and enhancement of shareholder and stakeholder value. The main service lines are corporate finance, forensic and dispute services, transaction services, reorganisation services, merger integration, acquisition and due diligence services, and valuation services.

Enterprise risk services: the ERS group claims that they offer their customers services that help them to understand business risks, determine the acceptable level of exposure, implement controls, and provide ongoing measurement and monitoring of the risk environment. They try to help their clients to overcome the risks they could face through each stage of the business risk cycle. This group indicates that ERS encompass a variety of services offered to their client which are:

164

Corporate governance: through this service, the team aims to assist the boards of directors of clients and their audit committees in fulfilling their oversight responsibilities and respond to any new regulatory and stock market requirements for corporate governance reform.

Internal audit: the ERS group adopts a risk-based approach to internal audit to help clients to improve performance and operating efficiency. The team indicates that they can provide full range of services such as helping to design a strategic plan for internal audit, reengineering existing departments, providing specialised resources, or completely outsourcing the entire internal audit function.

Risk management: the team claims that they can provide different services such as identifying and prioritising strategic and business risks, assessment of risk mitigation strategies and action plans, development of audit and business risk models, review and design of risk management frameworks, and monitoring and reporting systems.

Two other services, which are related to this study, are rendered by the ERS group which are control assurance and IT security.

Control assurance: through this service, the team helps clients to identify, develop and test internal control policies and procedures within business process and information technology environments. They provide this service as part of an internal audit or financial statements audit or individual projects resulting from major organisational changes, implementation of new technologies or reliance on third-party service providers. The services include: control reviews over applications and/or computer environments, information quality, and systems project assurance.

IT security: The team indicates that they can help their clients to improve their systems‘ reliability, information protection and availability, Internet security, and

165

electronic commerce reliability. The firm indicates that the services rendered by the IT security group can be classified into:

Application integrity: the group claims that they can assist clients in the design and implementation of the appropriate infrastructure for their applications. They work with clients to integrate their security dependent web application from the Internet to their back-end systems and the underlying technology infrastructure. In addition, they indicate that they provide control assurance and services in connection with custom system development projects and applications requiring the testing of data quality and integrity.

Attack and penetration: the team assists their clients in this area by operating as ethical hackers to identify threats/vulnerabilities related to their environment and systems by utilising the latest software products used by the hacker community.

Their approach is to evaluate the security of the clients‘ environment as well as their ability to prevent, detect, and ward off unauthorised intruders.

Infrastructure security: the team indicates that this service helps clients to manage information security risks associated with technological infrastructure. The team assists their clients in the design, implementation, and assessment of the environment necessary to support the requirements of their enterprise. The team claims that they have previous experience with environment hardening, cryptography, firewalls, virtual private networks, intrusion detection systems and other services.

Security strategy development: the team helps clients in securing information and corporate resources through the use of proactive policies, guidance, and communication. They assist their clients in the development of information Security strategies, and Information Security policies and procedures.

166 Audit services

The primary goal in performing audit engagements is to render an opinion on financial statements in accordance with the Egyptian Auditing Standards. The firm indicates that its audit approach aims to add value to their clients by enhancing quality and productivity.

To improve the quality of statutory audits, attention is paid to gain a thorough understanding of each client, the business and its environment. Then, the controls needed to guard against the risks of material misstatement of a company‘s financial position including fraud, are assessed. After the assessment of the business essentials, audit procedures that are designed to avoid risks of material misstatements are carried out. To leverage their professionals‘ skills and time, their practice uses their proprietary audit support software, AuditSystem/2, which supports all phases of the audit process, from planning to execution to reporting.

5.5.3. Clients and Expertise

The firm indicates that its staff has a broad knowledge of serving a variety of industries including:

Banking and financial services: these services are provided by staff who have experience and industry knowledge to provide financial services. Services offered to the financial services industry include: governance, design and realisation (corporate, finance and risk), people transformation (advisory and development), executive information (business and customer intelligence), technology and client alliances (advisory, project management and implementation), mergers and acquisition (targeting, evaluation and execution), transformation improvement and post-merger integration (organisation, cost and process), business risk control (mitigation and

167

forensics), tax structures (compliance and advisory), actuarial and insurance consulting services.

Manufacturing: the team helps in looking to new technologies and processes to maintain a lean operation, efficient supply chain and good internal controls.

In addition, the firm has specialised groups who provide their services to other industries such as real estate, gas, oil, and petrochemicals, investments, and construction.