Leonardo dos Santos
Business Development Manager

+55 11 9 6308-3227

[email protected]

Marcos A. Rodrigues
Advisory Partner

+55 11 9 9865-0484

[email protected]

Allan Torre
Corporate Finance Director

+55 21 9 7547-7212

[email protected]

Aline Poiani
Advisory Director

+55 11 9 6187-8447

[email protected]

Fabricio Liani
IT Advisory Manager

+55 11 94118-9005

[email protected]

Marcel Guerra
Advisory Manager

+55 11 97335-7730

[email protected]

Advisory Manager

+55 11 97331-0189

[email protected]

Claudio Matos
Advisory Manager

+55 11 99552-1966

[email protected]

Vanessa da Silva Matos
Advisory Manager

+55 11 99892-9668

[email protected]


“MAKING the business world a smaller place”

Risk management and Compliance

Since the enactment of the Sarbanes-Oxley Act, Basel II and the current Anti-Corruption Law, organizations have found themselves forced to make a strategic realignment and look at governance, risk and compliance as an essential part of the strategic alignment of their business.

A global trend, good management practices are reaching Brazilian companies, given that corporate governance makes increased profits possible for companies and increases their market value.

Practices of governance, risk management and Compliance involve people, systems, roles, time and specially money. On the other hand, the lack of or poor control represent, in most cases, a higher risk. However, to manage all the elements of governance in an intelligent way can be a competitive advantage.

In this context, and with the development of proprietary methodologies that consider the use of computerized tools, PP&C is able to assist organizations to implement innovative governance standards and ensure their effectiveness and maintenance over time with reduced costs.


The services in this area include:

  • Gathering and formalization of information and documents flows
  • Risk identification, assessment and management
  • Assistance in the implementation of systems and Corporate Governance practices
  • Development, implementation and monitoring of Audit Committees, code of ethics and other requirements related to good practices and corporate governance
  • Development of management plans for internal auditing departments based on risk management
  • Implementation and management of the Control Self-Assessment system

How we do

Rigorous Analysis

In addition to statutory and transparency requirements, PP&C’s services include a thorough analysis of the various processes, existing risks, control activities, possible rework situations, possibilities of eliminating manual activities (electronic spreadsheets), opportunities for integration of information generated by computerized systems or improvement of information necessary for proper management. From a security point of view, the service also allows for the identification of critical issues or control failures that can enable the occurrence of errors or fraud. The existence of a proper segregation of duties is also assessed.

Detailed surveys and a critical review of all processes from the perspective of the best practices are made. The benefits achieved include:

  • • Increased transparency of transactions and management
  • • Reduction of costs
  • • Reduction of the possibility of frauds and errors
  • • Risk identification and management
  • • Increase in productivity
  • • Increase in the speed and integration of information
  • • Creation or revision of the main KPIs used in the process management and creation of executive panels of indicators aimed for the top management


Experience with work of this nature reveals that additional advantages include the methodology adopted by PP&C and the involvement of different teams in the diagnosis and proposition of new processes, resulting in an increased overall business vision. The managerial involvement in the strategic analysis of the processes allows for greater management control of the company.

The deliverables of such services are:

  • • Mapped and formalized processes
  • • Reviewed policies, standards and procedures, aligned with the best practices and properly formalized
  • • Identification and formalization of all control activities that enable the implementation of a Control Self-Assessment – CSA system, the monitoring of controls by internal audit and the review, analysis and evaluation by external audit
  • • Creation of a culture focused on efficiency in internal controls
  • • Implementation of mechanisms that ensure the management of processes and risks and their maintenance over time
  • • Creation of an effective electronic documentation of the processes, standards and procedures

Integrated Solution

PP&C has developed an integrated solution for Governance, Risk Management and Compliance - GRC: the Software which ensures the integrity and agility in storage and retrieval of information relating to the design of processes, control activities, ISO standards and regulated activities, SOX, identification and management of risk It is an excellent tool for the implementation and management of Control Self-Assessment - CSA.

Through integration with the information systems of organizations, the solution enables the monitoring of registered accounting events, pre-scheduling and monitoring of the compliance of control tests, as well as recording and documenting all of these activities. This way, the control of previously established risk and materiality assumptions becomes automatic, giving greater security and integrity to managers

Send us a Message