Risk Advisory
It’s about helping clients
Baker Tilly’s industry-specialized professionals understand the complexities of our clients and risk advisory. We recognize emerging issues and offer clients practical solutions with better outcomes aligned to their strategic objectives.
We help:
- better manage risk and compliance
- enhance governance and strategy
- optimize operations
- gain assurance around key functions and processes
Turn risk into competitive advantage
Today organizations manage ever-expanding priorities in a disruptive risk environment. It’s why organizations seek a trusted advisor that can address the full spectrum of risk, governance and compliance considerations in the context of industry, operations and culture.
Baker Tilly collaborates with leaders across functions – and at all levels – to facilitate grounded solutions from an enterprise-wide perspective. Using an integrated approach, we support our clients’ focus on the strategic landscape of the organization and its future.
Baker Tilly helped us tremendously by developing our compliance structure and providing an independent, expert perspective to ensure our compliance efforts met the SEC requirements.Treasurer at a Fortune “Fastest Growing” company
Collaboration without compromise: Practitioner perspectives on internal audit, risk management and governance practices
Using global survey data, Baker Tilly teamed up with the Internal Audit Foundation and Wolters Kluwer TeamMate® to explore how evolving risk management practices are reshaping second- and third-line roles and boosting collaboration.
Business risk services
Cybersecurity risk services
Cybersecurity compliance
- System and Organization Controls (SOC) reporting
- Cybersecurity assessments (CSC, NYDFS, NIST, HITRUST®, Microsoft SSPA, Penetration testing assessment)
- PCI DSS
- Federal assessments (CMMC, FedRAMP, GovRAMP)
- Healthcare assessments (HIPAA)
- International standards (BSI C5)
- Privacy compliance assessments
- IT assurance (IT SOX, IT internal audit, IT ESG, IT ERP)
Cybersecurity advisory
- IT and cybersecurity internal audit solutions
- Federal assessment advisory
- Third-party vendor risk management
- Vulnerability assessment
- Technology due diligence
- Cyber incident response planning and business continuity
Our strategic alliances
AuditBoard
Together, Baker Tilly and AuditBoard provide clients with a solution that augments the transformation and optimization of their financial management, risk and compliance functions. The pairing combines deep advisory experience and insight with advanced audit technology to enhance GRC management. Read the press release.
In this episode of Agents of Change, Heather Acker, risk advisory managing partner, and Richard Chambers, senior internal audit advisor at AuditBoard, share their perspectives on internal audit and the future of the profession.
Workiva
Baker Tilly and Workiva create value-driven offerings to transform and optimize an organization’s governance, risk and compliance (GRC) functions and support their ESG journeys with enhanced reporting insights. Through our alliance, Baker Tilly and Workiva can help organizations streamline risk management processes and compliance reporting within a cloud-based platform.
Fieldguide
Fieldguide supports Baker Tilly’s risk advisory services by embedding AI-enabled workflows across engagements. Fieldguide’s platform embeds AI capabilities across the engagement lifecycle, from planning through reporting, with structured workflows, transparency and human oversight. Baker Tilly’s implementation emphasizes alignment with firm methodologies and professional standards, helping ensure consistency and transparency throughout the engagement process. Read the press release.
Baker Tilly has collaborated with our external auditors and internal resources to ensure the internal control process and related testing documentation is complete and relevant.Chief financial officer at a major manufacturing company
ESG and sustainability
Going beyond responsibility to value and opportunity, we provide comprehensive and industry-focused environmental, social and governance (ESG) and sustainability advisory and assurance from development to execution.
Guiding insights
Strategy in motion: Internal audit’s 2026 execution mandate
Baker Tilly’s internal audit team highlights key IIA GAM 2026 insights, emphasizing AI-driven, autonomous workflows as essential to modern assurance strategies.
Key considerations for auditing data governance in the AI era
A practical look at data governance, audit approaches, risks and benefits to help organizations strengthen data, compliance and AI readiness.
Collaboration without compromise: Practitioner perspectives on internal audit, risk management and governance practices
Using global survey data, this report explores how evolving risk management practices are reshaping second- and third-line roles and boosting collaboration.
Successfully navigating SOX 404(b): Key considerations for growing and established public companies
Explore key strategies for successfully navigating SOX 404(b) compliance for emerging and public companies by strengthening internal controls, accountability and audit readiness.
Enhanced enterprise risk management and strategic decision-making
Enhanced ERM and strategic risk management by Baker Tilly and the IAF enables timely risk assessments, collaboration with internal audit and technology.
How modern ERM can help you prepare for this era of uncertainty
Discover how modern ERM and Baker Tilly’s AI-enabled tools help organizations manage uncertainty, enhance resilience and seize opportunities.
Internal audit: understanding co-sourcing and outsourcing models
Practical tips for using a co-sourced or outsourced model to overcome common internal audit challenges
Consolidation of DoD Government Property Clauses … and then some.
Timeframes, reporting, marking requirements — and more. Explore potential impacts from the recent DFARS Case 2020-D029: Consolidation of DoD Government Property Clauses.
Strategies to address the new SEC cyber disclosure rule (and how to do it!)
One strategy to address the new SEC cyber disclosure rule is to leverage AICPA’s cybersecurity risk management framework.
Cyber resilience: A guide to navigating modern risks
Discover essential cybersecurity practices and critical questions to enhance your cyber resilience strategy in Baker Tilly’s cyber resilience guide.
Embracing AI in internal audit: An audit, risk and compliance officer's guide
AI is transforming internal audit, necessitating assessments of AI readiness, governance, data, and model validation to manage risks effectively
Foundational concepts for long-term success with ERM governance
The third in Baker Tilly’s four-part ERM webinar series, Enterprise risk management: Building an effective ERM governance structure delivers valuable insight on risk management.
The SOX compliance journey: Preparing for compliance
Download our guide and explore the key considerations from Baker Tilly to achieve compliance with Sarbanes-Oxley (SOX) 404.
Baker Tilly exceeded my expectations in every way imaginable - in their level of professionalism, energy, thoughtfulness, appreciation for time management and priorities, and their ability to apply logic.Director of internal audit at a private equity firm
Client stories
Leveraging AI to uncover emerging risks and mitigation strategies for our clients
Consumer healthy company utilizes Baker Tilly’s enhanced ERM approach and AI-enabled tool—RiskScan™—to enhance and expand its risk register.
Global flavors and fragrances company develops risk management road map and completes maturity assessment
Baker Tilly helped a large, international flavors and fragrances company by developing a risk management road map to advance their enterprise risk management (ERM) program’s maturity.
Multibillion dollar pharmaceutical and medical supply company engages strategic reorganization, secures FSS contract
Baker Tilly helps multibillion dollar pharmaceutical and medical supply company engage strategic reorganization to obtain an FSS contact and expand their footprint within the federal marketplace.
Fortune 100 company requires assurance to meet EPA guidelines
A Fortune 100 multinational technology company engaged Baker Tilly to conduct an agreed-upon procedures (AUP) report on their hydrofluorocarbons (HFC) usage to comply with EPA guidelines.
Global, multibillion dollar federal contractor addresses GSA Schedule Mandatory Disclosure
Baker Tilly assists global, multi-billion dollar federal contractor with GSA Schedule Mandatory Disclosure related to pricing compliance on four FSS contracts.
Baker Tilly performs extensive array of internal audit functions at research institution, and serves in the role of interim CAE during transition period
One of Baker Tilly’s professionals served in the role of interim (CAE) while the university during the recruiting and hiring process for a new full time position, while collaborating with senior leadership and internal audit stakeholders to transition the function to new leadership.
Real estate investment trust (REIT) strengthens its financial, operational and compliance related controls
A commercial REIT sought to review certain operational and financial policies, procedures and controls. Baker Tilly governance, risk and compliance professionals helped enhance the REIT's operations.
Not-for-profit makes internal reporting changes to align with its external ESG efforts
An organization that historically reported on external sustainability impact, as opposed to internal operations, prioritized advancing its ESG efforts to become a leader in not-for-profit ESG reporting.
Our professionals
Our risk advisory team is here to serve as an extension of your organization. Count on our proactive, experienced guidance to manage risk, governance, compliance, cybersecurity, ESG and sustainability, and other strategic and operational issues.
Stay in the know
Sign up to receive relevant and timely risk advisory insights, alerts and tools.