Services
We approach each audit with sharp thought, straight talk and common sense. In addition to verifying that financial results are fairly presented and meet...
-
Financial statements audits
Financial statement audits
-
Compliance audits
Compliance audits
-
Compilations and reviews
Compilations and audit
-
Agreed-upon procedures
Agreed-upon procedures
At Kevane Grant Thornton, tax is a key part of our organization and our award-winning teams can offer you a range of solutions, whatever the size of your...
-
Corporate and business tax
Our trusted teams can prepare corporate tax files and ruling requests, support you with deferrals, accounting procedures and legitimate tax benefits.
-
International tax
Our teams have in-depth knowledge of the relationship between domestic and international tax laws.
-
Tax compliance
Business Tax
-
Individual taxes
Individual taxes
-
Estate and succession planning
Estate and succession planning
-
Global mobility services
Through our global organisation of member firms, we support both companies and individuals, providing insightful solutions to minimise the tax burden for both parties.
-
Sales and use tax and indirect taxes
SUT/ VAT & indirect taxes
-
Tax incentives program
Tax incentives program
-
Transfer Pricing Study
The laws surrounding transfer pricing are becoming ever more complex, as tax affairs of multinational companies are facing scrutiny from media, regulators and the public
As your business grows, our advisory services are designed to help you achieve your goals. Successful growth often means navigating a complex array of...
-
Business consulting
Our business consulting services can help you improve your operational performance and productivity, adding value throughout your growth life cycle.
-
Forensic and investigative services
At Grant Thornton, we have a wealth of knowledge in forensic services and can support you with issues such as dispute resolution, fraud and insurance claims.
-
Fraud and investigations
The commercial landscape is changing fast. An ever more regulated environment means organizations today must adopt stringent governance and compliance processes. As business has become global, organizations need to adapt to deal with multi-jurisdictional investigations, litigation, and dispute resolution, address the threat of cyber-attack and at the same time protect the organization’s value.
-
Dispute resolutions
Our independent experts are experienced in advising on civil and criminal matters involving contract breaches, partnership disputes, auditor negligence, shareholder disputes and company valuations, disputes for corporates, the public sector and individuals. We act in all forms of dispute resolution, including litigation, arbitration, and mediation.
-
Business risk services
We can help you identify, understand and manage potential risks to safeguard your business and comply with regulatory requirements.
-
Internal audit
We work with our clients to assess their corporate level risk, identify areas of greatest risk and develop appropriate work plans and audit programs to mitigate these risks.
-
Service organization reports
As a service organization, you know how important it is to produce a report for your customers and their auditors that instills confidence and enhances their trust in your services. Grant Thornton Advisory professionals can help you determine which report(s) will satisfy your customers’ needs and provide relevant information to your customers and customers’ auditors that will be a business benefit to you.
-
Transaction advisory services
Transactions are significant events in the life of a business – a successful deal that can have a lasting impact on the future shape of the organizations involved. Because the stakes are high for both buyers and sellers, experience, determination and pragmatism are required to bring deals safely through to conclusion.
-
Mergers and acquisitions
Globalization and company growth ambitions are driving an increase in M&A activity worldwide as businesses look to establish a footprint in countries beyond their own. Even within their own regions, many businesses feel the pressure to acquire in order to establish a strategic presence in new markets, such as those being created by rapid technological innovation.
-
Valuations
We can support you throughout the transaction process – helping achieve the best possible outcome at the point of the transaction and in the longer term.
-
Recovery and reorganization
We provide a wide range of services to recovery and reorganisation professionals, companies and their stakeholders.
Our outsourcing services allow you to save time and money in order to concentrate on the competencies and the core business activities.
Emerging markets and shifting consumer demand are creating new opportunities in food and beverage, with business leaders investing in new products, markets and...
Optimism is slowly returning to the global economy, but the financial services industry needs to regain the trust of public and private bodies. To succeed,...
Healthcare
Rapid change and complexity are norms, and innovation the fuel in the technology industry. Today’s revolutions – including cloud, as-a-service, social media...
Industrial products
Across the globe, not for profit organizations are increasingly expected to deliver more, while at the same time facing cuts in government funding and...
We work with all types of agencies, including central and state government, local government, donors (including bilateral and multilateral international...
While the impact of the prolonged downturn continues to be felt, pockets of opportunity and optimism have emerged within the retail estate and construction...
Services
Dynamic businesses need to move with speed and purpose if they want to capitalise on opportunities in hospitality and tourism. At Grant Thornton, we know...
Careers page for Kevane Grant Thornton
The Grant Thornton Difference
Grant Thornton prides itself on being a values-driven organization and we have more than 56,000 people in over 140 countries who are passionately committed to...
Learning and development
One of the biggest attractions of a career with Grant Thornton is the opportunity to work on cross-border projects all over the world.
Diversity helps us meet the demands of a changing world. We value the fact that our people come from all walks of life and that this diversity of experience...
Many Grant Thornton member firms provide a range of inspirational and generous services to the communities they serve.
Students
Experienced hires
Jobs at Kevane Grant Thornton
Mergers and acquisitions require a mix of strategic and tactical work – cybersecurity is usually an item on the tactical list.
Contents
Many organizations are drawing up plans for mergers and acquisitions right now, as leaders look for growth after the pandemic slowdown, and as new business models emerge. However, weakened cybersecurity hygiene throughout the last year means that these M&A transactions elevate the risk of cybersecurity incidents.
Create an M&A cybersecurity playbook
As an M&A deal progresses through its lifecycle, cybersecurity and data privacy risks steadily increase.
To successfully identify and monitor these risks in an ongoing and repeatable way, companies need an M&A cybersecurity playbook.
The M&A cybersecurity playbook can be broken into four stages:
- screening: during the screening stage, have a key stakeholder looking out for cybersecurity and privacy risks. Information security leaders within the firm are ideal candidates for this position. Also identify the target’s information security team composition and qualifications.
- due diligence: due diligence is the most important stage of the deal before day one of the transaction, and cybersecurity and privacy must be thoroughly evaluated at this stage to avoid any future regrets. Conduct cybersecurity risk assessments, vulnerability scans, penetration tests, and compromise assessment to the point agreeable. Evaluate compliance with privacy and regulatory requirements and look out for past and current findings or security and privacy incidents.
- announcement: there can be a lot of media coverage during the announcement stage, which sometimes alerts malicious groups and other threats.
- closure: when the deal is being completed in this final stage, the cybersecurity and privacy actions required for success are far from being complete. Cybersecurity integration in this stage can be the most challenging part of the deal journey, as the acquirer and target look to integrate capabilities across both firms.
Create an M&A cybersecurity framework
An M&A cybersecurity framework can provide a template for guiding cybersecurity integration. The framework builds upon the careful consideration given to cybersecurity and privacy matters during the due diligence stage. The findings from the due diligence results lay the foundation for the integration effort.
The cybersecurity framework should focus on four key factors, with the end in mind:
- enable business goals
- reduce cyber risks
- advance cybersecurity program maturity
- contain business-as-usual (BAU) costs
Execute the M&A cybersecurity plan
Your M&A cybersecurity execution plan needs to leverage the M&A cybersecurity playbook and framework with both tactical and strategic actions planned along the M&A journey.
Tactical actions:
- specific cybersecurity threat monitoring must begin on day one and continue for at least the first phase of the merger or acquisition.
- the due diligence risk assessment feeds into remediation of the high-risk issues, followed by remediation of the medium-risk and low-risk issues if needed.
- a compromise assessment provides important input for identifying and isolating potential incidents and taking immediate actions to address them.
Strategic actions:
- a comparative analysis of cybersecurity capabilities will inform the cybersecurity consolidation, business solution migration and subsequent support.
- the cybersecurity integration strategy forms an important foundation for integrating cybersecurity policies, processes, and suppliers.
- the target operating model for cybersecurity, once designed and established, will implement a one-team approach in supporting the cybersecurity program going forward with defined performance metrics and control monitoring.
The M&A cybersecurity playbook and framework execution must include change management to ensure that business users are on board and can continue business as usual. Throughout the M&A transaction, your project management and change enablement resources should be fully engaged. Make sure to prepare your team’s skill sets, bench strength and industry expertise in advance. Evaluate and prepare any additional internal and external cybersecurity resources that you will need to call upon during the transactions.
In the crucial period before and after a merger, cybersecurity teams have a unique opportunity to reduce risks and add value to the business. However, they must employ careful planning, precise execution and close consultation with business and IT leaders to ensure a successful cybersecurity integration.
Grant Thornton library articles:
We are committed to keep you updated of all developments that may affect the way you do business in Puerto Rico. Please contact us for assistance in relation to this or any other matter, we will be glad to assist you.
Authors
-
Marta E. Rodríguez Marta is the partner head of advisory with over twenty years of experience in public accounting.View Profile -
Neysha Otero Neysha is an advisory manager with over twenty-one years of experience in public accounting.View Profile -
Jorge Paredes Jorge is an advisory manager with over twenty-five years of experience in public and private accounting.View Profile -
Jorge Oquendo Jorge is an advisory manager with seventeen years of experience in public accounting and working as a lawyer in the litigation department of a law firm in Puerto Rico focused on corporate, labor, commercial, and civil law.View Profile
Cybersecurity in M&A strategy
