Ron Kral

Ron Kral (CPA, CMA, CGMA) is a partner of Kral Ussery LLC, a public accounting firm delivering advisory services, litigation support and internal audits. He serves public and private companies to protect and grow shareholder value, as well as nonprofits and governments on internal controls to combat errors and fraud. Ron has worked with hundreds of clients as a public accountant offering robust solutions on accounting, auditing, controls, ethics, anti-fraud programs, governance and SEC regulatory matters.

Prior to forming a predecessor firm to KU in 2003, he was a general manager for a large technology company traded on the NYSE. Ron was also a principal consultant with PwC leading operational audits and internal control projects. He began his public accounting career with a California CPA firm as a financial auditor and was responsible for signing audit opinions upon becoming managing director of the firm’s Orange County office. Ron launched his career as a performance auditor with the California State Auditor.

Ron is a highly rated speaker and facilitator, including for COSO’s Internal Control Certification Program for the AICPA. He also served on FEI’s working group for the development of COSO’s 2013 control framework and is a member of four of the five COSO-sponsoring organizations: the AICPA, FEI, IIA and IMA. Ron holds an MBA from Arizona State University and a BBA from the University of Wisconsin-Madison. He can be reached at



rear view mirror

Ron Kral offers an analysis of the SEC’s recent order against BorgWarner, charged for making material misstatements by failing to account for certain asbestos liabilities. “Hindsight is 20/20” can be a profound statement when it comes to loss contingencies, as it is easy to precisely define them once they are settled over time. The statement can also be interpreted as the company...

Read more
glowing green shield, cybersecurity concept

A cybersecurity risk management program (CRMP), or formal cybersecurity strategy document, is key in an organization’s ability to weather a cybersecurity incident. Kral Ussery’s Ron Kral discusses what to take into account when drafting one. No topic has likely garnered more attention in boardrooms over the last couple of years than cybersecurity. And rightfully so when the full extent of direct and...

Read more
illustration of scattered financial reports on green background

Ron Kral espouses the benefits of a well-designed system for financial reporting controls and provides five ways organizations can improve the effectiveness of their ICFR process. When Congress first mandated SOX for public companies, requiring them to document and assess internal controls over financial reporting (ICFR), many executives viewed the requirement simply as a compliance exercise. While some may continue to feel...

Read more
red landline phone hanging on dark background

Ideas to Maximize Hotline Effectiveness It could be a good sign if the phones aren’t ringing at your organization’s hotline – or it could be indicative of a failing ethics and compliance program. Ron Kral discusses how to maintain a successful hotline program. Is your whistleblower hotline alive or dying a slow death? Whether it’s an effort to jumpstart your hotline program...

Read more
Governing Cybersecurity: Cybersecurity Committees on the Rise

Independent Oversight Meets the SEC Ron Kral discusses the the emerging trend of cybersecurity committees that are being created as companies recognize the need to create independent oversight of cyber risks. Cybersecurity risks pose grave threats to investors, our capital markets, and our country. This is the opening sentence of the SEC’s Interpretive Guidance on Public Company Cybersecurity Disclosures dated February 21,...

Read more
The (a)(b)(c)s of Sarbanes-Oxley 404

Section 404 of the Sarbanes-Oxley Act continues to be in the news and be a challenge for some companies. We now have Section 404(c), as well as a recently issued SEC Staff Study thanks to Dodd-Frank. We found expert accountant Ron Kral to provide the latest landscape on SOX 404 and break down the recent study.

Read more
laptop with compliance program

Leveraging COSO’s Internal Control – Integrated Framework Cultures may vary widely, but all organizations should be proactive about building and maintaining a culture of compliance. The COSO Integrated Framework provides extensive guidance on how to accomplish this. Ron Kral offers insights on integrating your company’s C&E program with a control framework. While many organizations have a compliance and ethics program (Program) to...

Read more
colleagues reviewing financial reports

Many public companies are in the process of preparing their annual 10-K reports for the SEC, and for these firms, it’s critical that management have a full understanding of the disclosure requirements. Ron Kral addresses several of the key challenges and questions organizations may have in conducting an effective ICFR evaluation.

Read more
tips for greater GRC success

New year, new plan. January is the perfect time to reflect on successes and shortcomings from the previous year and to make a plan for improvement. Candela Solutions’ Ron Kral has compiled a top 10 list of tips leaders can use to set their organizations up for success.

Read more
a change in PCAOB standards may pose challenges for auditors

The Public Company Accounting Oversight Board has introduced a new auditing standard, AS-18, which is likely to present some challenges for companies – and their auditing committees in particular. In short, AS-18 is meant to enable auditors to best handle “related parties,” but this means more work than making basic inquiries. Read on to learn the full impact of the new standard.

Read more
“Controls” Is Not a Dirty Word – Insights Into Controls Challenges and Solutions

We in the GRC community inherently see the value of internal controls, but often our peers in the rest of the organization don't share our vision. Strike up a dialogue about controls and you may face resistance or even opposition. Let's change the conversation, shall we? Everyone benefits when there's widespread buy-in on business controls. Perhaps a little more education is the...

Read more
Page 1 of 2 1 2
Access realtime data
Addressing systemic racism in the workplace SAI Global
Dynamic Risk Assessments with Workiva
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic