-
Audit approach overview
Our audit approach will allow our client's accounting personnel to make the maximum contribution to the audit effort without compromising their ongoing responsibilities
-
Annual and short period audit
At P&A Grant Thornton, we provide annual and short period financial statement audit services that go beyond the normal expectations of our clients. We believe strongly that our best work comes from combining outstanding technical expertise, knowledge and ability with exceptional client-focused service.
-
Review engagement
A review involves limited investigation with a narrower scope than an audit, and is undertaken for the purpose of providing limited assurance that the management’s representations are in accordance with identified financial reporting standards. Our professionals recognize that in order to conduct a quality financial statement review, it is important to look beyond the accounting entries to the underlying activities and operations that give rise to them.
-
Other Related Services
We make it a point to keep our clients abreast of the developments and updates relating to the growing complexities in the accounting world. We offer seminars and trainings on audit- and tax-related matters, such as updates on Accounting Standards, new pronouncements and Bureau of Internal Revenue (BIR) issuances, as well as other developments that affect our clients’ businesses.
-
Tax advisory
With our knowledge of tax laws and audit procedures, we help safeguard the substantive and procedural rights of taxpayers and prevent unwarranted assessments.
-
Tax compliance
We aim to minimize the impact of taxation, enabling you to maximize your potential savings and to expand your business.
-
Corporate services
For clients that want to do business in the Philippines, we assist in determining the appropriate and tax-efficient operating business or investment vehicle and structure to address the objectives of the investor, as well as related incorporation issues.
-
Tax education and advocacy
Our advocacy work focuses on clarifying the interpretation of laws and regulations, suggesting measures to increasingly ease tax compliance, and protecting taxpayer’s rights.
-
Business risk services
Our business risk services cover a wide range of solutions that assist you in identifying, addressing and monitoring risks in your business. Such solutions include external quality assessments of your Internal Audit activities' conformance with standards as well as evaluating its readiness for such an external assessment.
-
Business consulting services
Our business consulting services are aimed at addressing concerns in your operations, processes and systems. Using our extensive knowledge of various industries, we can take a close look at your business processes as we create solutions that can help you mitigate risks to meet your objectives, promote efficiency, and beef up controls.
-
Transaction services
Transaction advisory includes all of our services specifically directed at assisting in investment, mergers and acquisitions, and financing transactions between and among businesses, lenders and governments. Such services include, among others, due diligence reviews, project feasibility studies, financial modelling, model audits and valuation.
-
Forensic advisory
Our forensic advisory services include assessing your vulnerability to fraud and identifying fraud risk factors, and recommending practical solutions to eliminate the gaps. We also provide investigative services to detect and quantify fraud and corruption and to trace assets and data that may have been lost in a fraud event.
-
Cyber advisory
Our focus is to help you identify and manage the cyber risks you might be facing within your organization. Our team can provide detailed, actionable insight that incorporates industry best practices and standards to strengthen your cybersecurity position and help you make informed decisions.
-
ProActive Hotline
Providing support in preventing and detecting fraud by creating a safe and secure whistleblowing system to promote integrity and honesty in the organisation.
-
Accounting services
At P&A Grant Thornton, we handle accounting services for several companies from a wide range of industries. Our approach is highly flexible. You may opt to outsource all your accounting functions, or pass on to us choice activities.
-
Staff augmentation services
We offer Staff Augmentation services where our staff, under the direction and supervision of the company’s officers, perform accounting and accounting-related work.
-
Payroll Processing
Payroll processing services are provided by P&A Grant Thornton Outsourcing Inc. More and more companies are beginning to realize the benefits of outsourcing their noncore activities, and the first to be outsourced is usually the payroll function. Payroll is easy to carve out from the rest of the business since it is usually independent of the other activities or functions within the Accounting Department.
-
Our values
Grant Thornton prides itself on being a values-driven organisation and we have more than 38,500 people in over 130 countries who are passionately committed to these values.
-
Global culture
Our people tell us that our global culture is one of the biggest attractions of a career with Grant Thornton.
-
Learning & development
At Grant Thornton we believe learning and development opportunities allow you to perform at your best every day. And when you are at your best, we are the best at serving our clients
-
Global talent mobility
One of the biggest attractions of a career with Grant Thornton is the opportunity to work on cross-border projects all over the world.
-
Diversity
Diversity helps us meet the demands of a changing world. We value the fact that our people come from all walks of life and that this diversity of experience and perspective makes our organisation stronger as a result.
-
In the community
Many Grant Thornton member firms provide a range of inspirational and generous services to the communities they serve.
-
Fresh Graduates
Fresh Graduates
-
Students
Whether you are starting your career as a graduate or school leaver, P&A Grant Thornton can give you a flying start. We are ambitious. Take the fact that we’re the world’s fastest-growing global accountancy organisation. For our people, that means access to a global organisation and the chance to collaborate with more than 40,000 colleagues around the world. And potentially work in different countries and experience other cultures.
-
Experienced hires
P&A Grant Thornton offers something you can't find anywhere else. This is the opportunity to develop your ideas and thinking while having your efforts recognised from day one. We value the skills and knowledge you bring to Grant Thornton as an experienced professional and look forward to supporting you as you grow you career with our organisation.
The weakest link: A cybersecurity story
02 Aug 2017“Strange,” he thought, eyeing the unfamiliar flash drive on his office desk. “I wonder who owns this?”
Paul examined the 64-gigabyte device for its name label. He rotated it on his hand. None. Completely generic. “Amazing how they get tinier and tinier,” Paul mused, as he proceeded to plug the smaller-than-his-thumb flashdrive into his four-year old Windows-run machine.
He was being relentlessly badgered by the tech guys to upgrade his laptop for over a year now. But policies and procedures be damned! He was generating more than P200 million in projects every year, so both the sales director and the CEO did not make a fuss but turned a blind eye to the minor company policy infractions.
Besides, his old reliable laptop contained all his important files—draft proposals, contracts, feasibility reports, customer lists, torrented TV shows, and some rather raunchy photos of him and his wife from their last Palawan trip. In no way will he be sending his laptop to IT without doing some housekeeping first and he had no time to back up his stuff in case the tech guys again lost some files, as they did during the last upgrade.
He proceeded to type in his password, and tapped the “Enter” key. The cursor remained blinking in the password field. “Incorrect password again,” Paul angrily realized. With so many passwords to remember, he frequently forgot which password went where. He tried again and was greeted by his haphazardly organized desktop filled from edge to edge with files and folders.
The computer spat several notifications at him, one after the other: 523 unread emails. Disk almost full. Windows updates available. Antivirus engine is outdated. He ignored them all, tapped on the “X” to close all the notification windows, and clicked to open the flash drive.
The lone video file stared at him from the screen: “OFFICE-SCANDAL.mp4”.
Paul stood up in his cubicle and surveyed the room. It was 8:30 p.m. Ross and Lui were still there, busily pecking at their keyboards. The director’s door was still ajar, his lamp slashing a path of light in the dim hallway across. The percolator hissed occasionally as the scent of stale coffee wafted through the room. All clear.
He plugged in his earphones and clicked on the file in eager anticipation.
Nothing.
Another click.
No response.
Disappointed, Paul hovered his mouse over the close button, and, as he did so, his virtual desktop slowly began to shrink, its edges squeezing the frame from all sides until his open windows, files and folders shrank and vanished into a glowing point at the screen’s center, like an old cathode ray TV would do when turned off.
In a combination of surprise, befuddlement and panic, Paul swiped his finger on the trackpad angrily, like a sword slashing uselessly in the darkness.
From deep in the bowels of his laptop, the Trojan horse had begun its nefarious work as soon as Paul had inserted the flash drive. First, a keylogger began capturing keystrokes as Paul entered his password. Then it started looking for network connections and access to the internet. While copies of the office scandal file were being replicated in open folders throughout the network, the Trojan started uploading the contents of Paul’s 500-gigabyte hard drive over the internet to a server outside the country. This continuous stream of data began clogging the company’s internet connection.
“Lui, look at this. My screen just went blank!” Ross said aloud.
As Lui shuffled over to Ross’s cubicle, the director peeked out from his room. “Are your connections ok? I can’t seem to access anything on the web. I think our website is down, too. Can’t access it on my phone. Is IT still around?”
Paul began to mash the buttons on his keyboard, hoping for a response from his computer. Then, just as he was about to give up all hope, a parade of dancing symbols and letters appeared from the left edge of the screen amid a blood-red background, finally settling in the middle of the display in a familiar pattern—the ASCII characters had formed a crude graphic of a skull and crossbones. And directly underneath the symbol, it demanded that Paul “Press Any Key.”
His finger poised tentatively over the Enter key. “What have I done?” Paul asked himself, still uncertain if he should do as his screen instructed. He hesitatingly tapped on the key.
Further instructions appeared in that same crimson background: “The hard disks of your computer have been encrypted with a military grade encryption algorithm. There is no way to restore your data without a special key. You can purchase this key on the Darknet page shown in step 2…”
“My files. My emails. The P25 million project proposal due tomorrow. My wife’s photos. Ross’s computer. No internet. Our website is down.” Realization now crashing into his consciousness in an endless stream of profanities, regrets and opportunities lost. And guilt.
And as he ran to the director’s room, it came to him again: the chilling blood red macabre symbol of poison and danger. And Death.
* * *
This short story has been adapted from real events, with creative liberties taken to keep the names and nature of businesses confidential. Cybercrime is real and is here right now in the Philippines, and people are often the weakest link in any organization’s security layers. Why did Paul plug in the flash drive and attempt to open the file? Why did he ignore IT’s pleas to upgrade his machine? Why did his superiors not insist on enforcing the policy? Why did he ignore the operating system and anti-virus update notifications? We may never know the answers to these questions, but running regular security awareness programs so that all personnel are aware of the potential consequences of their actions can help mitigate these risks. Otherwise, the office scandal will be played in your office soon.
Third Librea, Partner, Head of Advisory Services, and Chief Information Officer (CIO) of P&A Grant Thornton. P&A Grant Thornton is one of the leading Audit, Tax, Advisory, and Outsourcing firms in the Philippines with 20 Partners and over 850 staff members. For your comments, please email third.librea@ph.gt.com or PAGrantThornton.marketscomm@ph.gt.com. For more information about P&A Grant Thornton, visit our website www.grantthornton.com.ph.
As published in The Manila Times, dated 02 August 2017