Download these popular KnowledgeLeader tools highlighted through the month of March. 

1. Internal Audit Capability Maturity Model (CMM)

This capability maturity model can be used to measure the maturity of an organization’s internal audit function and to assist its progress from the initial/ad-hoc stage toward the optimized state. The capability maturity model describes a maturity curve on these capability levels: initial, repeatable, defined, managed and optimized. In this sample, an optimized organization’s new hires are easily integrated.

2. Entity-Level Controls Risk Assessment Questionnaire

Risk assessment is the component of the entity’s internal control that involves identifying and analyzing risks internally and externally. Risk assessment is relevant to achieving business objectives as well as objectives related to the preparation of reliable financial statements. This questionnaire template provides a number of COSO elements and the related objectives for entity-level controls. Within the questionnaire, you can document the control's COSO attribute, whether the control exists, whether it was designed properly, related test procedures, management's action plan for deficiencies, and more.

3. Manage Employee Sales Commissions RCM

A successful risk management strategy requires a strong internal control environment. The risk control matrix (RCM) format emphasizes that strong and risk-oriented internal control environments are often optimized with automated/manual controls, depending on the situation. This document outlines risks and controls common to managing employee compensation during the 3.5.4 Manage Employee Compensation: Sales Commission process in a risk control matrix (RCM) format.

4. Internal Audit Feedback Questionnaire

This tool includes 10 sample questionnaires that can be used by internal audit functions to gather client feedback and measure client satisfaction. Sample questions include: What is your overall evaluation of internal audit’s performance for this project? How much value do you believe the audit provided to your group/department? How likely are you to use internal audit for future projects? How much would you be willing to recommend internal audit to other members of management? 

5. Entity-Level Controls: The Importance of Setting the Tone

Entity-level controls are policies, rules, procedures and standards of behavior that apply to members of the board of directors, senior company officers, top management, and rank-and-file employees. It’s a well-established fact that the behavior of upper management tends to “set the tone” for the subsequent behavior of everyone else down an organization's chain of command. This blog post explains the importance of entity-level controls and explores the COSO Framework.

Browse our Risk Assessment and Entity-Level Control topic pages to see more popular content related to these themes.