Unlike traditional, retrospective audits or consultancy,

McKell Risk Assurance

takes a proactive approach to evaluate the robustness of a company's strategies, internal controls and business processes to address external threats and protect against vulnerabilities across various finance and operational areas.

Our Services

Assurance & Attestation

IT & Cybersecurity Attestation

Internal Control Assurance

Third-Party Assurance

Regulatory Compliance

Consultative Review

Corporate Governance Advisory Service

Internal Audit, Control Self-Assessment &
Enterprise Risk Management

Financial Planning & Analysis-as-a-Service (FaaS)

Strategy-as-a-Service (SaaS)

Review of Internal Controls over Financial Reporting (ICFR)

Internal Review of Sustainability Report

Learn more about our IT Risk Assurance and Advisory services at
Dedomena Technologies

Our risk assurance and advisory deliver expert counsel and strategic guidance while implementing practical and tailored risk management solutions that generate positive outcomes for our clients, partners, and their evolving communities.

As an “Individual Contributor” firm anchored by 30 years of the founder’s premier technical and industry reputation rather than a large sales engine, we opt for organic growth and strategic networking approach, identifying and targeting businesses that would benefit from our niches services, rather than pursuing aggressive business development and expansion strategies.

We recommend the implementation of risk strategies that leverage compliance as a strategic asset and major source of competitive advantage —a powerful business enabler and driver of organizational value, rather than seeing it merely as a "cost of doing business.

Strong risk governance acts as a "passport," allowing companies to enter highly regulated global markets faster than less-prepared competitors.

As a 100% AI-native risk consultancy, we have stripped away the heavy overhead and manual inefficiencies of traditional consulting. While legacy firms rely on massive teams and billable hours to solve problems, we leverage a high-velocity, AI-first architecture to deliver deeper insights smarter, faster, and more efficiently.

AI-Native Speed, Auditor-Grade Integrity.

Velocity: Manual overhead stripped away by AI-first workflows.

Ethics: Every AI output is subject to professional judgment and validation.

100% adherence to professional standards, ensuring your data is secure and outputs are unbiased.

At McKell Risk Assurance, we are able to deliver partner-level expertise services without the overhead or junior-staff "learning curve" associated with mid-tier firms.

Think of AI as our 'second brain'—it doesn't replace our judgment but rather affirming, clarifying and sharpens it.

For complex projects requiring specialized knowledge beyond the scope of our practice, we activate our external networks of Strategic Partners—comprising legal counsel, professional accountants, and cybersecurity specialists—to provide a truly holistic, tailored solution. This collaboration ensures that AI’s predictive insights are validated and enriched by seasoned professionals, resulting in a robust, multi-layered strategy that combines unparalleled velocity with domain-specific accuracy.

Our Flagship

Internal Audit-as-a-Service

Internal Auditors are a vital part of good governance in any organization in all business sectors

Benefits of Outsourcing or Co-sourcing the Internal Audit Function

Outsourcing and co-sourcing the internal audit function offer organizations benefits like cost savings, access to specialized internal audit expertise including control self-assessment facilitation and risk management assurance, enhanced objectivity, and increased flexibility.

These approaches also allow companies to scale their audit resources efficiently and free up internal resources for core business activities.

Internal Audit is evolving from a risk and control function to a Trusted Advisor and Risk Management Partner who drives insight and influence across the organization.

According to the new Global Internal Audit Standards effective January 9, 2025, the profession's mandate has shifted from mere compliance to delivering high-value insights that support long-term organizational success.

Rather than just finding faults, internal auditors now verify if daily operations support a company's strategic goals and identify gaps where resources are misaligned with long-term priorities.

With a strong board relationship, internal auditors can help the board spot new risks early

The Institute of Internal Auditors (IIA) is the globally recognized professional body and standard-setting authority for the internal audit profession. The IIA provides leadership, education, certification, and research to professionals engaged in evaluating organizational operations, governance, risk management, and control processes.

The Institute of Internal Auditors Singapore, an affiliate of IIA Global, is the only professional body in Singapore dedicated to the advancement and interests of the internal audit profession.

IIA Singapore member designations include MIIA for Ordinary Members and FIIA for Fellow Members, along with other tiers like Associate and Student, allowing members to use these letters after their names, signifying professional standing in internal auditing in Singapore, with international use requiring "(Singapore)" appended.

In Singapore, Control Self-Assessment (CSA) is an effective risk management tools recommended by the Audit Committee Guidance Committee (ACGC) Guidelines (Page 77) for the Board and audit committees to give an informed opinion on the state of internal controls and risk management systems of the organization.

CSA on financial reporting quality is a process where a company's employees from the finance, operation and business functions evaluate the effectiveness of their internal controls over financial reporting. It helps ensure that financial statements are accurate, reliable, and compliant with accounting standards and regulatory requirements, thereby reducing the risk of material misstatements.

Management Assurance

CSA and Internal Audits are both methods for evaluating an organization's internal controls, but they differ in their focus and execution. CSA emphasizes proactive involvement by operational staff in assessing their own controls, while internal audits are conducted by a separate, objective function to evaluate existing controls and provide independent assurance.

Results from the CSA can be used by both internal and external auditors to gather material information, focus on high-risk areas, and facilitate effective audit planning.

It is therefore a critical proactive strategy for organizations to achieve and maintain audit readiness. It extends the burden of control testing from periodic internal and external audits to a continuous, internal process driven by the people closest to the operations.

There are significant advantages for an organization to appoint an IIA certified member, especially a Certified Internal Auditor (CIA), over those who are not certified, to take up the internal auditor role. Advantages include:

Demonstrated Expertise

Adherence to Global Standards

Enhanced Credibility and Trust

Improved Risk and Governance Management

Access to Best Practices and Insights

Higher Quality of Work and Value-Add

Global Recognition and Transferability

There is no mandatory government or regulatory requirement in Singapore for an internal auditor to hold a Certified Public Accountant (CPA) or Chartered Accountant (CA) qualification.

Internal auditors with CISA (Certified Information Systems Auditor) credentials hold a powerful advantage in the AI age.

While AI automates routine tasks, auditors must ensure these systems are trustworthy, transparent, and legally compliant. CISA professionals possess the foundational expertise required to bridge this vital gap between technology and human judgment.

The Institute of Internal Auditors and its standards are highly recognized and formally integrated into Singapore's regulatory and professional landscape.

SGX Listing Rules: Rule 719(3) requires listed companies to maintain an effective internal audit function. SGX RegCo expects IA functions to follow standards from professional bodies like the Institute of Internal Auditors (IIA), ensuring quality and independence for robust corporate governance and risk management.

2025 Standard Update: The new Global Internal Audit Standards (GIAS) became effective on January 9, 2025. IIA Singapore has been leading the transition for local practitioners through dedicated webinars and training to ensure compliance with these updated global requirements.

The Three Lines Model, established by the Institute of Internal Auditors, is a risk management and governance framework that clarifies roles and responsibilities within an organization. Updated in 2020 from the original "Three Lines of Defense," the modern model shifts from a purely reactive "defense" posture to one focused on collaboration and value creation.

The Three Lines

First Line (Operational Management): Frontline teams who own and manage risks daily while delivering products or services.

Second Line (Oversight Functions): Specialized roles such as risk management, compliance, and cybersecurity that provide expertise, support, and monitoring to ensure the first line stays within defined risk boundaries.

Third Line (Internal Audit): An independent function that provides objective assurance and advice to senior management and the governing body on the effectiveness of the entire risk management framework.

The Governing Body (e.g. Board of Directors) is ultimately accountable to stakeholders for oversight. It sets the organization’s risk appetite, delegates resources, and ensures that management and internal audit roles are appropriately structured.

Contact us:

Mckellriskassurance@gmail.com