Hot Issue
The internal audit team lead is not only responsible for conducting high-risk, value-added audits but also for the effective and efficient management of an audit process that maximizes resources and stays within budget. Accomplishing this is often no easy task. The team lead needs to ensure that people and processes are used as efficiently as possible. With that in mind, this article focuses on 50 project management tips that can help make the most of internal audit’s productivity.
Compliance Week Article
An exclusive report from Compliance Week finds that 63 percent of S&P 500 companies won reductions in audit fees—most from the Big 4 audit firms—amid unprecedented economic strife. Corporate giants that have logged significant declines include JP Morgan, Berkshire Hathaway, Home Depot, Wal-Mart, and scores more. Full details and results from our analysis are inside.
Auerbach
ISO 27001 is intended to provide guidance on how to manage information security for an organization. To expand on this, the ISO standard is focused on an organization as a whole, including all information types, systems, people, policies, processes, and technologies. This chapter sets out the benefits and provides a business case for an information security management system (ISMS) that conforms to the ISO 27001 standard.
Questions & Answers
This section of Protiviti's “Guide to the Sarbanes-Oxley Act: IT Risks and Controls – Frequently Asked Questions" addresses activity and process-level considerations for application-level controls. Topics covered include: What are the application-level control considerations? How does the Section 404 compliance project team determine the critical applications for each key business process? And, how does the Section 404 compliance project team integrate the consideration of application level controls with business-process controls at the activity/process level?
Questionnaire
Corporate governance requirements established by The Sarbanes-Oxley Act have permanently mandated executive certification of public reports for all registrants. In this environment, companies are feeling greater pressures to take further actions. This questionnaire focuses on what boards and management should do as they work to improve corporate governance.
Questionnaire
The questionnaire is designed for the IT application security process. It addresses topics such as: access control mechanisms within the application, how users are identified, application security, password length, and password history.
Protiviti Podcast
Most U.S. companies know about the Foreign Corrupt Practices Act, a U.S. law prohibiting the bribery of foreign officials. They may not be aware, however, of a new U.K. law that goes even further and impacts any organization doing business in the United Kingdom. In this podcast, Protiviti Managing Director Jonathan Wyatt talks about the far-reaching impact of this new legislation on businesses worldwide.
Featured Link
Advisers detail how health information exchanges should ensure safety and accuracy of patient medical information while still complying with meaningful use requirements. The articles comes with principles that should be considered for ensuring a Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information. Source:informationweek.com
Featured Link
What should the governing bodies and senior management expect from internal auditing? To help internal audit activities effectively communicate the value of their work to primary stakeholders – such as audit committees, boards of directors, management, and audit clients – The IIA has developed an easy-to-understand message tool. It’s memorable and adaptable. Source: theiia.com
Featured KLplus Course
In this course we will cover performing the physical inventory and the risks associated with this phase of the process. The completed course is worth 1 CPE credit and by the end of the course the learner will be able to:
- Provide consultation on the implementation of a physical inventory
- Recommend key controls and best practices
- Properly test the internal controls related to the physical inventory process
To view the full list of CPE courses available on KnowledgeLeader, please visit the KLplus page, or to request an upgrade to KLplus, visit the My Account page.
Featured Favorite
This checklist addresses a variety of topics and acts that often fall within the Audit Committee’s responsibilities. It provides a broad framework and a set of activities that can be undertaken by the Audit Committee to achieve appropriate oversight. This document is intended to only be used as a sample guide to understanding and reviewing the current charter. This checklist was tagged as a Favorite by your fellow subscribers.
From The Archive
This checklist should be used when planning the nature, timing and extent of work on an individual audit assignment where the design effectiveness and/or operational effectiveness of any business process is to be examined. It should be used in connection with a planning and scoping memorandum template to prepare detailed instructions for the work. This was one of the top 25 most viewed pages in 2009.
Did You Know?
Based on comments in response to the KnowledgeLeader annual survey indicating that you are looking for location-specific information, the KnowledgeLeader team has added country specific content. Please note that the majority of the content on KnowledgeLeader spans borders, and that we do not have content specific to every country.
Top 5 Pages on KnowledgeLeader
The following links will take you to the five most popular pages from the week of August 16, 2010.