-
Financial statements audits
Financial statement audits
-
Compliance audits
Compliance audits
-
Compilations and reviews
Compilations and audit
-
Agreed-upon procedures
Agreed-upon procedures
-
Corporate and business tax
Our trusted teams can prepare corporate tax files and ruling requests, support you with deferrals, accounting procedures and legitimate tax benefits.
-
International tax
Our teams have in-depth knowledge of the relationship between domestic and international tax laws.
-
Tax compliance
Business Tax
-
Individual taxes
Individual taxes
-
Estate and succession planning
Estate and succession planning
-
Global mobility services
Through our global organisation of member firms, we support both companies and individuals, providing insightful solutions to minimise the tax burden for both parties.
-
Sales and use tax and indirect taxes
SUT/ VAT & indirect taxes
-
Tax incentives program
Tax incentives program
-
Transfer Pricing Study
The laws surrounding transfer pricing are becoming ever more complex, as tax affairs of multinational companies are facing scrutiny from media, regulators and the public
-
Business consulting
Our business consulting services can help you improve your operational performance and productivity, adding value throughout your growth life cycle.
-
Forensic and investigative services
At Grant Thornton, we have a wealth of knowledge in forensic services and can support you with issues such as dispute resolution, fraud and insurance claims.
-
Fraud and investigations
The commercial landscape is changing fast. An ever more regulated environment means organizations today must adopt stringent governance and compliance processes. As business has become global, organizations need to adapt to deal with multi-jurisdictional investigations, litigation, and dispute resolution, address the threat of cyber-attack and at the same time protect the organization’s value.
-
Dispute resolutions
Our independent experts are experienced in advising on civil and criminal matters involving contract breaches, partnership disputes, auditor negligence, shareholder disputes and company valuations, disputes for corporates, the public sector and individuals. We act in all forms of dispute resolution, including litigation, arbitration, and mediation.
-
Business risk services
We can help you identify, understand and manage potential risks to safeguard your business and comply with regulatory requirements.
-
Internal audit
We work with our clients to assess their corporate level risk, identify areas of greatest risk and develop appropriate work plans and audit programs to mitigate these risks.
-
Service organization reports
As a service organization, you know how important it is to produce a report for your customers and their auditors that instills confidence and enhances their trust in your services. Grant Thornton Advisory professionals can help you determine which report(s) will satisfy your customers’ needs and provide relevant information to your customers and customers’ auditors that will be a business benefit to you.
-
Transaction advisory services
Transactions are significant events in the life of a business – a successful deal that can have a lasting impact on the future shape of the organizations involved. Because the stakes are high for both buyers and sellers, experience, determination and pragmatism are required to bring deals safely through to conclusion.
-
Mergers and acquisitions
Globalization and company growth ambitions are driving an increase in M&A activity worldwide as businesses look to establish a footprint in countries beyond their own. Even within their own regions, many businesses feel the pressure to acquire in order to establish a strategic presence in new markets, such as those being created by rapid technological innovation.
-
Valuations
We can support you throughout the transaction process – helping achieve the best possible outcome at the point of the transaction and in the longer term.
-
Recovery and reorganization
We provide a wide range of services to recovery and reorganisation professionals, companies and their stakeholders.
As the nature of business continues to change, we must change how we secure our information assets. Many factors have driven this increased complexity, including a distributed workforce, the incorporation of contractors and vendors into internal business processes, the shift from on-premise data centers to a blend of on-premise and cloud-based data centers and software as a service, a drastic increase in external access points and the introduction of personal devices into business networks. This growing complexity has reduced visibility. Ultimately, poor visibility can lead to data breaches that expose organizations to legal and regulatory liability, as well as reputational damage.:
The Zero Trust model
The Zero Trust model emerged as a response to growing IT complexity and offers an alternative to the prevailing but outdated view of inherently trusting any system or person with access to the network while focusing security efforts on protecting the perimeter of the network.
The skepticism of the Zero Trust model takes the form of five questions. These questions are not one-time gateways; rather, they represent an ongoing attempt to ensure security.
- Has the device attempting to connect been compromised?
- Is the user who they claim to be?
- Is a third party listening?
- If a system has been compromised, how are we minimizing what it can do and see?
- Is the environment continually monitoring for possible suspicious behavior and taking action if it is found?
Given the breadth of implementation – it will touch every process, transaction, asset, and user in an organization – it’s important to start with some strategic questions.
Focus on 3 key areas
Once an organization determines its strategy, prioritizing the assets it wants to protect and the threats it faces, it should look to adapt its cybersecurity capabilities in these three areas:
Identity and access management
This entails rigorous initial verification of users upon setup, the application of the “least privileged” principle to limit a user’s rights to the data that is absolutely necessary to do their jobs, ongoing adaptive and risk-aware authentication, timely deprovisioning as users’ roles change, the scouring of obsolete access credentials and finally continual monitoring that feeds intelligence into risk-aware components.
Network security
Encryption, while not new, is invaluable and is increasingly low impact. Next-generation firewalls can account for applications, users and content to intelligently restrict the movement of users within the network. Along with appropriate firewall usage, micro-segmentation is another important tool to help control network traffic flow.
Data protection
Protecting an organization’s sensitive data is a primary goal of any cybersecurity program. This starts with identifying the sensitive data itself. Once the data is identified, it should be encrypted when it is not in use or in transit, and tokenized when it moves to less-secure environments.
Implementation and cultural change
Zero Trust strategies work. But how do organizations make them work? First, they must understand the enterprise-wide nature of the implementation and the expanding sense of what an enterprise is. A Zero Trust model can be viewed as burdensome and unnecessary by some, so it is important to gain consensus on the dangers currently faced and reassure people that any impact on their day-to-day jobs will be minimized where possible while being focused on better securing the organization’s IT assets.
The evolution to a Zero Trust model is a journey that will take many steps for most organizations. It should start with having a clear picture of the users and devices accessing an organization’s IT resources and the underlying infrastructure that an organization’s systems and data reside on. Once there is a good understanding of who needs to access systems and where those systems are located, an organization can assess where its highest risks are and prioritize the implementation of cyber capabilities that can address those risks.
It should be clear why Zero Trust matters. In addition to protecting against data breaches, it promises much greater visibility and adaptability.
