Mon, Mar 25, 2024


The following tools were published on KnowledgeLeader this week:

IT Data Management Policy

Our IT Data Management Policy outlines guidelines to ensure that critical data stored in applications and on servers is frequently backed up, stored and secured off-site. This policy allows for prompt recovery of important and critical company data in case of accidental or intentional corruption, loss or destruction of data.

Enterprise Incident Response Policy

Organizations can use this Enterprise Incident Response Policy to develop a consistent process for responding to and recovering from security incidents. Under this policy, although the approach to all incidents is similar, the steps taken to address specific incidents may differ depending on the incident's actual nature. 

IT Support Policy

Explore our detailed IT support policy for employees, covering request submission, urgent assistance after hours and issue escalation guidelines. In this sample, IT requests that are not urgent can be resolved by raising a help desk ticket. For all urgent requests, an immediately reachable email ID and phone number are provided.

Intranet and Internet Security Policy

This tool contains two sample policies that outline guidelines for a company's internet and intranet security and are a necessary part of an organization’s security strategy. This type of policy should apply to all users who access the company’s computing or networking resources, including permanent full-time and part-time employees, contract workers, temporary agency workers, business partners, and vendors.

Employee Leave Benefits Audit Work Program

This audit work program reviews a company’s processes and procedures related to employee leave benefits. Sample questions covered include: Does a formal documentation explaining all leave benefits exist? How was it approved and by whom? How were employee leave benefits communicated to employees? Do employees have to sign an acknowledgement form for these benefits?

Employee Bonus Audit Work Program

Use our Employee Bonus Audit Work Program to ensure proper documentation, approval and communication with employees. Sample questions to consider include: Is the bonus in cash or stock, or is it a combination of both? Does formal documentation of the employee bonus program exist? How was the program documented? How was the program approved and by whom? 

Request for Proposal: Internal Audit Department Quality Assessment Review

This tool contains two sample requests for proposals (RFPs) that can be used by organizations seeking a professional services firm to perform a quality assessment review of the internal audit department. Sample steps include describing your QA methodology and differentiating factors that provide enhanced value to clients and describing your process for reporting recommendations and observations.


KnowledgeLeader has also published several publications this week.

NIST Releases Version 2.0 of Its Cybersecurity Framework (CSF): What This Means for Your Organization

On February 26, 2024, The National Institute of Standards and Technology (NIST) released version 2.0 of its updated and widely used Cybersecurity Framework (CSF). In this Flash Report, we summarize the changes NIST CSF 2.0 brings to the table and how it builds upon previous versions to provide a comprehensive framework for managing cybersecurity risks.

From Cash to Credit to Crypto, Exploring How We Think About Money

What impact could a new monetary system have on the U.S. dollar as the world’s reserve currency? Could the U.S. dollar be replaced? If so, by what? And when? This question is top of mind for global executives and central to VISION by Protiviti’s exploration of the future of money. Explore how cashless payments, crypto and digital banking will change how we think about money in this VISION by Protiviti article.

The Pivotal Role of ISO/IEC 17025 in Fostering Laboratory Excellence

Among the myriad of standards that guide laboratories toward excellence, ISO/IEC 17025 emerges as a paramount influence, sculpting a framework that underpins the technical competency and integrity of testing and calibration lab operations. In this article, Audit Analytics examines the pivotal role ISO/IEX 17025 has in developing excellence within laboratories and demonstrating a commitment to quality. 

Recommended Resources 

This list of recommended resources from the web may be of interest to you. Click each link to learn more. 

  1. Digital Assets Addressed by FASAB
  2. More Work, Less Help for Finance
  3. Using Pay Transparency to Impact Culture, Employee Trust and Manager Effectiveness