This page contains a list of all of the publications available on KnowledgeLeader from the following categories: Articles, Newsletters, Performer Profiles, Protiviti Booklets, Questions & Answers, Regulatory Updates, and Survey Reports. If you would like to explore a specific publication category, please use the links on the left.
The following 1508 items are listed by date.
October 25, 2010
Dentsply’s IAS team leverages technology to meet global financial audit objectives while controlling costs
Dentsply, a manufacturer of dental supplies and instruments, conducts business in more than 120 countries. In this profile, Jeff Walters, Dentsply’s audit director, discusses how the audit department is expected to cover 60 to 70 percent of the company’s operating assets. This expectation is defined in the internal audit charter, approved by the audit and finance committee of Dentsply’s board of directors. Walters describes how his team achieves this coverage through an integrated audit approach that leverages technology.
CONTENT AREA: Performer Profiles
TOPICS: Healthcare & Pharmaceuticals Industry, IT Audit, Audit Committee & Board, Continuous Auditing
October 25, 2010
Implementation Controls and Considerations
This section of Protiviti's "Guide to the Sarbanes-Oxley Act: Managing Application Risks and Controls – Frequently Asked Questions" addresses common questions about implementation controls and considerations. Topics covered include: What are the primary risks of implementing a new application, and how are they managed? What are the primary risks relative to data conversions relating to an implementation, and how are they managed? And, what are the risks to functional testing when implementing a new application, and how are they managed?
CONTENT AREA: Questions & Answers
TOPICS: Technology, IT Audit, IT Infrastructure, Sarbanes-Oxley Act, IT Controls
October 18, 2010
General IT Controls Related to Applications
This section of Protiviti's "Guide to the Sarbanes-Oxley Act: Managing Application Risks and Controls – Frequently Asked Questions" addresses common questions about general IT controls related to applications. Topics covered include: What does the Section 404 compliance team look for when evaluating application change controls? What elements of data management and disaster recovery should be evaluated by Section 404 compliance teams as they relate to applications? What elements should be considered with respect to the network, operating system and databases to support effective application control? And, what are interface risks and how are they managed?
CONTENT AREA: Questions & Answers
TOPICS: IT Audit, IT Infrastructure, Sarbanes-Oxley Act, IT Controls, Change Management
October 11, 2010
Access Security Considerations
This section of Protiviti's "Guide to the Sarbanes-Oxley Act: Managing Application Risks and Controls – Frequently Asked Questions" addresses common questions about access security considerations. Topics covered include: What are the principal risks related to access security? What should be considered when assessing user access rights and privileges for compliance? And, what processes should be in place with respect to establishing proper user access security and segregation of duties?
CONTENT AREA: Questions & Answers
TOPICS: IT Audit, IT Controls, Access Control Systems, Segregation of Duties
October 4, 2010
Application Control Considerations
This section of Protiviti's " Guide to the Sarbanes-Oxley Act: Managing Application Risks and Controls – Frequently Asked Questions" addresses common questions about application control considerations. Topics covered include: What are configurable controls? How are key application controls identified for documentation and testing? And, what are some application control considerations for the Close the Books/Financial Reporting cycle?
CONTENT AREA: Questions & Answers
TOPICS: Close the Books, Purchasing & Accounts Payable, IT Audit, IT Controls, IT Infrastructure
September 27, 2010
Commonwealth Bank of Australia: Merging powerful audit insights with technology
Commonwealth Bank, one of the largest listed companies on the Australian Stock Exchange, provides integrated financial services to clients. In this profile, Rachel Grantham, head of Strategy and Operations for Group Audit at Commonwealth Bank, states that a key team objective “is to ensure our people have the right audit methodologies, tools and processes to execute high-quality audit reviews and deliver optimum value to the business.” Grantham describes how her team achieves this through data analytics and continuous monitoring.
CONTENT AREA: Performer Profiles
TOPICS: Financial Services, IT Audit, Internal Audit, Continuous Auditing
September 27, 2010
General Application Risk and Control Considerations for Complying with Sarbanes-Oxley
This section of Protiviti's " Guide to the Sarbanes-Oxley Act: Managing Application Risks and Controls – Frequently Asked Questions" addresses common questions about general application risk and control considerations for complying with Sarbanes-Oxley. Topics covered include: What does Section 404 say about an organization’s reliance on critical business applications? What is a public company required to disclose regarding an ERP/application implementation? And, what are the typical application control types as they relate to Section 404 compliance?
CONTENT AREA: Questions & Answers
TOPICS: IT Audit, IT Controls, IT Infrastructure, IT Strategy, Section 404 - Internal Control Reporting
September 20, 2010
Testing, Addressing Deficiencies and Reporting
This section of Protiviti's “Guide to the Sarbanes-Oxley Act: IT Risks and Controls – Frequently Asked Questions" focuses on testing, addressing deficiencies and reporting. Topics covered include: How are IT controls tested? How should management address deficiencies and gaps in IT controls? And, how will the external auditor view IT controls during the attestation process?
CONTENT AREA: Questions & Answers
TOPICS: IT Audit, IT Controls, Sarbanes-Oxley Act, External Auditor, Section 404 - Internal Control Reporting
September 13, 2010
Documentation
This section of Protiviti's “Guide to the Sarbanes-Oxley Act: IT Risks and Controls – Frequently Asked Questions" addresses documentation issues. Topics covered include: How much documentation should the IT organization and the application and data owners have in place to evidence the controls and functioning of the applications? How should the Section 404 compliance project team document the IT controls at the entity level? And, how should the Section 404 compliance project team document the IT controls for the IT general controls at the activity/process level?
CONTENT AREA: Questions & Answers
TOPICS: IT Audit, IT Controls, Sarbanes-Oxley Act, Section 404 - Internal Control Reporting, Entity-Level Control
September 6, 2010
50 Small Tips That Could Add Up to Big Improvements in Audit Efficiency
The internal audit team lead is not only responsible for conducting high-risk, value-added audits but also for the effective and efficient management of an audit process that maximizes resources and stays within budget. Accomplishing this is often no easy task. The team lead needs to ensure that people and processes are used as efficiently as possible. With that in mind, this article focuses on 50 project management tips that can help make the most of internal audit’s productivity.
CONTENT AREA: Articles
TOPICS: Internal Audit, Performance Management/Measurement, Project Management, Training & Development