
Sample Requests for Proposals Available on KnowledgeLeader
We offer over 10 sample requests for proposals that offer a wide range of support. Some of KnowledgeLeader's most popular RFPs are listed below. For a full list o...

KnowledgeLeader's Premium Tools of the Week: August-September 2023
Check out KnowledgeLeader’s premium tools of the week in August and September.1. Internal Audit Project Administration MemoThe purpose of this memo is to document...

New Content on KnowledgeLeader - 9/25/2023
ToolsThe following tools were published on KnowledgeLeader this week:Close-the-Books Audit ReportThe best-practice steps included in this audit report sample can ...

Sample Guides Available on KnowledgeLeader
KnowledgeLeader's guides can be used as development tools for managing risk, conducting internal audits and leading an internal audit department. They provide inn...

New Content on KnowledgeLeader - 9/18/2023
ToolsThe following tools were published on KnowledgeLeader this week:Financial Close Review Audit ReportThis audit report sample can be used by auditors looking t...

Topic Spotlight: Section 302 - Executive Certifications
Assess the state of your company’s IT internal control environment with the SOX compliance checklist samples linked in this blog post.1. Sarbanes-Oxley Compliance...

New Content on KnowledgeLeader - 9/11/2023
ToolsThe following tools were published on KnowledgeLeader this week:Password Security PolicyUse the four sample policies included in this tool to establish your ...

Topic Spotlight: Inventory and Materials Management
Optimize your organization’s inventory turnover rates with the tools and best practices included in this blog post. Non-Routine Transactions PolicyThis tool inclu...

KnowledgeLeader's Top 10 Pages: August 2023
Check out the 10 most frequently viewed audit tools and publications on KnowledgeLeader in August. 1. Entity-Level Controls: The Importance of Setting the Tone ...

New Content on KnowledgeLeader - 9/4/2023
Tools The following tools were published on KnowledgeLeader this week: Request for Proposal: Internal Audit Co-Sourcing/Outsourcing This tool contains three sa...

Sample Audit Reports Available on KnowledgeLeader
KnowledgeLeader's sample audit reports provide you with an outline of how to conduct and report on a variety of audits. Our audit report templates contain sample ...

Topic Spotlight: Audit Reporting
Enhance the communicative value and relevance of your organization’s audit reporting process with these tools. Bank Branch Internal Audit Work Program This docu...

New Content on KnowledgeLeader - 8/28/2023
Tools The following tools were published on KnowledgeLeader this week: Human Resources Review Audit Work Program Organizations can use the samples included in ...

New Content on KnowledgeLeader - 8/21/2023
Tools The following tools were published on KnowledgeLeader this week: Finance Code of Conduct Policy This sample policy serves as a code of conduct specific t...

KnowledgeLeader Tool Pack: Inventory Management CPE Courses
Inventory planners and managers today find themselves engaged in a delicate balancing act. The process of managing inventories involves delivering the right inve...

Topic Spotlight: Internal Controls
Download these internal controls tools and keep them handy to assist with your audit projects. Record Retention Policy This tool contains seven sample policies ...

KnowledgeLeader's Greatest Hits: June-July 2023
Download our most popular content accessed on KnowledgeLeader in June and July. 1. Scope of Application Security Memo This memo outlines the assumptions and de...

New Content on KnowledgeLeader - 8/14/2023
Tools The following tools were published on KnowledgeLeader this week: Risk Culture Guide For risk management and internal controls to function when a crucial ...

KnowledgeLeader Tool Pack: Strategic Risk CPE Courses
Reporting insights to decision-makers is what it’s all about. Business leaders establish relevance with the board of directors by understanding the organization...

KnowledgeLeader's Top 10 Pages: July 2023
Explore the 10 most frequently viewed audit tools on KnowledgeLeader in July. 1. Entity-Level Controls: The Importance of Setting the Tone This blog post explai...

KnowledgeLeader's Top 10 Pages: June 2023
Download the top 10 most frequently accessed tools and publications on KnowledgeLeader in June. Management Response to Internal Audit Reports Memo This memo out...

KnowledgeLeader's Premium Tools of the Week: June-July 2023
Check out KnowledgeLeader’s premium tools of the week in June and July. External Access Risk Key Performance Indicators (KPIs) This tool outlines the business ...

New Content on KnowledgeLeader - 8/7/2023
Tools The following tools were published on KnowledgeLeader this week: Audit Committee Report - Internal Audit Plan This tool contains seven sample audit repor...

KnowledgeLeader Tool Pack: Talent Optimization CPE Courses
Integrating Talent Strategy and Business Strategy Is Key With the shortage of available qualified job seekers to meet demand, companies are scrambling to find an...

New Content on KnowledgeLeader - 7/31/2023
Tools The following tools were published on KnowledgeLeader this week: Treasury Risk Management Capability Maturity Model (CMM) This capability maturity model ...

Topic Spotlight: Enterprise Risk Management
Download these enterprise risk management tools and publications and keep them handy to assist with your audit projects. Internal Auditing Around the World: Volu...

KnowledgeLeader Tool Pack: COSO CPE Courses
The 2013 COSO Internal Control Framework supports organizations as they adapt to the increasing complexity and pace of a changing business environment. The 2013 ...

New Content on KnowledgeLeader - 7/24/2023
Tools The following tools were published on KnowledgeLeader this week: Payroll Audit Work Program The two sample work programs included in this document were d...

Topic Spotlight: Audit Planning
Download these audit planning tools and keep them handy to assist with your audit projects. Payroll/Human Resources Audit Work Program The two sample work progr...

Topic Spotlight: Vendor Management
Download these vendor management tools and keep them handy to assist with your audit projects. IT Third-Party Management Policy Organizations can use the requi...

New Content on KnowledgeLeader - 7/17/2023
Tools The following tools were published on KnowledgeLeader this week: Close-the-Books Policy The purpose of this policy is to establish procedures for providi...

KnowledgeLeader Tool Pack: Next-Generation Internal Audit CPE Courses
Audit Departments Make Progress With Transformation Internal audit departments have faced unprecedented levels of disruption over the past couple of years. Chang...

New Content on KnowledgeLeader - 7/10/2023
Tools The following tools were published on KnowledgeLeader this week: Treasury Review Audit Report This tool contains five sample audit reports that focus on ...

Topic Spotlight: COSO
Download these COSO tools and keep them handy to assist with your audit projects. Monitoring Entity-Level Controls Audit Work Program In this document, we provi...

New Content on KnowledgeLeader - 7/3/2023
Tools The following tools were published on KnowledgeLeader this week: Asset Management Policy This tool contains two sample policies that focus on maintaining...

Topic Spotlight: Internal Audit
Download these internal audit tools and keep them handy to assist with your audit projects. Payroll/Human Resources Audit Work Program The two sample work progr...

KnowledgeLeader's Top 10 Pages: Q2 2023
Download the top 10 most frequently accessed tools and publications on KnowledgeLeader in the second quarter of 2023. Entity-Level Controls: The Importance of Se...

KnowledgeLeader's Greatest Hits: April-May 2023
Download our most popular content accessed on KnowledgeLeader between April and May of 2023. Risk Culture Assessment Questionnaire Organizations can use the qu...

KnowledgeLeader Tool Pack: Sarbanes-Oxley CPE Courses
Sarbanes-Oxley continues to be a demanding journey and is ripe for transformation. For many organizations, most notably large accelerated and accelerated filers,...

New Content on KnowledgeLeader - 6/26/2023
Tools The following tools were published on KnowledgeLeader this week: IT Disaster Recovery Policy This sample policy is designed to help companies define proc...

KnowledgeLeader Tool Pack: Fraud CPE Courses
Nobody wants to believe that their company is losing significant revenue to fraud. Understandably, organizations don’t want to spend scarce resources managing ris...

KnowledgeLeader's Premium Tools of the Week: April-May 2023
Check out KnowledgeLeader’s premium tools of the week between April and May 2023. Data Breach Notification Memo This memo notifies an individual regarding the ...

New Content on KnowledgeLeader - 6/19/2023
Tools The following tools were published on KnowledgeLeader this week: Risk Assessment Facilitation Guide Today’s economy requires companies to identify and re...

Strategies to Prepare for an Intellectual Property Audit
Intellectual property (IP) audits help companies identify and organize their intellectual assets. There are several reasons for conducting an intellectual proper...

KnowledgeLeader Tool Pack: Cost Management CPE Courses
As senior executives face more pressure to respond to rising costs and eroding profit margins, CFOs can remind their colleagues that they have more cost-optimizat...

New Content on KnowledgeLeader - 6/12/2023
Tools The following tools were published on KnowledgeLeader this week: IT Change Management Policy This document contains multiple sample policies that provide...

Expense Reporting: Best Practices for Corporations
Generating revenue is typically the number one goal of any business. However, as the famous adage goes, “It costs money to make money.” To that end, any business ...

KnowledgeLeader's Top 10 Pages: May 2023
Download the top 10 most frequently accessed tools and publications on KnowledgeLeader in May. Entity-Level Controls: The Importance of Setting the Tone This bl...

New Content on KnowledgeLeader - 6/5/2023
Tools The following tools were published on KnowledgeLeader this week: Project Risk Management Audit Work Program This sample audit program provides the intern...

How a Quality Assessment Review Can Improve Your Internal Audit Process
According to standards set forth by the Institute of Internal Auditors (IIA), quality assessment review best practices should include an independent and external ...

KnowledgeLeader Tool Pack: Culture CPE Courses
If culture eats strategy for breakfast, why do some organizations continue to respond to labor shortages and economic contractions with salary increases, staff re...

New Content on KnowledgeLeader - 5/29/2023
Tools The following tools were published on KnowledgeLeader this week: Privacy Audit Work Program This tool contains two sample work programs that highlight ri...

Develop a Credit Card Information Policy to Mitigate Financial and Credit Risk
What Are Financial and Credit Risks? Financial risk and credit risk are related risks that should often be (and are) considered together but are not wholly inter...

KnowledgeLeader Tool Pack: Data Analytics CPE Courses
The explosion in the use of digital channels and the data they produce have caused a corresponding rise in the use of data analytics across organizations. Despite...

New Content on KnowledgeLeader - 5/22/2023
Tools The following tools were published on KnowledgeLeader this week: Accounts Payable Audit Work Program Organizations can use the general best-practice step...

Strategic Risk: Management and Reporting
Business can't be done, and money can't be made without taking on risks. Risk is an inevitable fact of business life. Big things, like expanding internationally o...

KnowledgeLeader Tool Pack: Agile CPE Courses
As businesses focus on digital transformation for speed and service, they tend to put more emphasis on individuals and interactions than processes and tools. In t...

New Content on KnowledgeLeader - 5/15/2023
Tools The following tools were published on KnowledgeLeader this week: IT Organization Audit Work Program This tool contains two work program samples that high...

Document Retention Policy Basics
We live and do business in a highly regulated, litigious society. It’s an inevitable but beneficial consequence of our pluralistic, capitalist system. In such a s...

New Content on KnowledgeLeader - 5/8/2023
Tools The following tools were published on KnowledgeLeader this week: IT and Business Risk Alignment Guide This sample tool can be used as a guide for unders...

The Art of Balancing Costs and Profits: A Guide to Cost Management
Effective cost management is an essential factor for the success of any organization. For risk management and audit professionals, it is crucial to manage costs e...

KnowledgeLeader's Top 10 Pages: April 2023
Download the top 10 most frequently accessed tools and publications on KnowledgeLeader in April. Entity-Level Controls: The Importance of Setting the Tone This ...

New Content on KnowledgeLeader - 5/1/2023
Tools The following tools were published on KnowledgeLeader this week: Accounts Receivable Policy: Cash Receipts This sample policy is designed to help compani...

Risk Management Strategies: Using an RCM and Other Tools for Reporting and Disclosure
Maintaining transparency and accuracy in financial and operational reporting is critical to any company's compliance efforts. Two essential components of any comp...

KnowledgeLeader Tool Pack: Digital Transformation CPE Courses
Digital transformation is not only about embracing the latest software tools and apps; it also raises the bar in the war for talent. Organizations that want to th...

New Content on KnowledgeLeader - 4/24/2023
Tools The following tools were published on KnowledgeLeader this week: Social Media Risks Guide Organizational social media use is rising and growing increasin...

New Content on KnowledgeLeader - 4/17/2023
Tools The following tools were published on KnowledgeLeader this week: Debt Management Policy The purpose of this policy is to outline the proper method of acq...

How to Approach Governance, Risk and Compliance
When viewed as a single corporate project or objective, governance, risk and compliance, often referred to by risk audit and accounting professionals as “GRC” for...

New Content on KnowledgeLeader - 4/10/2023
Tools The following tools were published on KnowledgeLeader this week: Shipping and Receiving Audit Work Program This document provides three sample audit work...

Sarbanes-Oxley Section 302 Executive Certifications: The Importance of Maintaining Compliance
The beginning of the 21st century ushered in a new financial, commercial and industrial era. It was the beginning of the internet age. Powerful computer processor...

Safeguarding Sensitive Data: Proactive Measures Against Cyber Threats
Data Security and Internal Controls In today’s digital age, breaches in data security from cyberattacks have become more prevalent and sophisticated, causing sig...

Maximizing Efficiency: Best Practices for Effective Audit Project Management
Audit Testing Needs Project Management For finance and audit professionals, project management is a core requirement for achieving effective results in audit tes...

Internal Audit Administration: Get a Tune-Up
Internal audit administration can help organizations better understand and manage risks, make better decisions, and achieve their goals more effectively. Internal...

Integrating SOX Compliance Efforts for Optimal Results
Maintaining Control Corporate governance has become increasingly critical over the years, with organizations being assigned a growing responsibility to ensure th...

Achieving High Customer Satisfaction: Processes and Procedures for Businesses
A question that companies regularly ponder: Why is customer satisfaction so important? Simply put, customers are the lifeblood of any business. Without customers,...

Updating Your Company’s Investments and Foreign Exchange Risk Management Strategy: Implement, Monitor, Review, Rinse and Repeat
As risk management and audit professionals are well aware, investments and foreign exchanges can present significant challenges for companies. In the wake of the ...

How to Transition to Continuous Auditing
If auditing critical business processes is a good thing, more auditing must be a better thing. That, at least, is the admittedly oversimplified thinking behind th...

How and Why to Audit Your Business Continuity Management Program
Any number of disasters can adversely affect an organization. There are natural disasters like floods or tornados; technology disasters, including computer crashe...

Vendor Management Best Practices
At its core, vendor management is relationship management. It’s all about the relationships an organization maintains (and benefits from) between itself and exter...

Self-Assessment Best Practices
Self-assessment is an organized means of using the knowledge of those who are most familiar with a topic, such as processes and controls. The self-assessment proc...

The Essentials of Project Management
Project management is the act of applying expert knowledge, skills, tools and techniques to project activities within an organization or business to meet or excee...

Performance Measurement Is More Important Than Ever
In today’s modern digital age, competition in business and industry is relentless. High-level organizational performance and consistent improvement are critical t...

Change Is Inevitable; Change Management Is Critical
There can be no continuing success in modern business without rapid organizational evolution. Technology, communication, regulation and the economy all move too f...

Ethics Program Best Practices
Well-written, well-disseminated ethics policies are essential aspects of modern business. Ethics are, in fact, the foundation of all policymaking decisions. This ...

Best Practices in Corporate Governance
Corporate governance has traditionally been viewed as that which the board of directors does when providing oversight on strategy, policy, performance and transpa...

Inventory and Materials Management Best Practices
Defining Inventory When one thinks of inventory, the physical items in storage or warehouse facilities may come to mind. Yet the term is much broader. Inventory...

Enterprise Resilience — the Delicate Balance of Growth and Risk
Risk at the Speed of Light There has never been a time when succeeding in business didn’t involve facing monumental challenges and taking great risks. It’s silly...

How to Produce a High-Quality Audit Report
Responsible companies need to maintain the critical attributes of accountability, consistency and transparency to uphold the confidence of investors, regulators, ...

Building a Robust Disaster Recovery Policy
Disaster recovery is the process of rapidly recovering business operations in the event of a business interruption. The disaster recovery team of an organization ...

Mastering the Credit and Collections Process
Credit and Collections Defined When defining credit and collections, it's best to begin with an understanding of accounts receivables, which is money owed to an ...

How Quality IT Audit Controls Can Protect Your IT Investments
A Substantial Investment The modern business enterprise can’t exist without the benefit of up-to-date information technology (IT), at least not as a competitive ...

Making the Most of Your Internal Audit Practice
IntroductionIf you are reading this article, you are likely in the internal audit (IA) profession or looking to refine your internal audit practice. Or perhaps yo...

How IT Controls Enhance the Value of IT Assets
It is impossible to overstate the value of information technology (IT) to the world of businesses and industries today. IT facilitates and enhances communication ...

The Benefits of Agile Auditing
Agile Defined Agile is a methodology that focuses on maintaining flexibility and staying in touch with clients. It recognizes that the linear approach taken in t...

Entity-Level Controls: The Importance of Setting the Tone
An effective organization of consequence, whether public or private, attempts to strike a balance between its mission (usually but not always profit) and its resp...

What Is IT Risk and How Should You Manage It?
What Is IT Risk? Information technology (IT) risk is any potential threat to business data, critical systems and business processes. It is the risk associated wi...

Segregation of Duties Is a Best Practice That Can’t Be Ignored
Checks and BalancesThe judicious segregation of key duties within a business is a fundamental principle of risk mitigation that should never be ignored or taken l...

How to Ensure a Robust Compliance Policy
Introduction“Compliance” is defined as adherence to policies, plans, procedures, laws, regulations, contracts or other requirements within a company or organizati...

A Guide to Reviewing Your Organization’s Data Mining and Data Analytics Practices
In the realm of computer science, the term data mining is interchangeable with the term knowledge discovery in data (KDD), and for good reason. There’s a tremendo...

Organizational Risk Assessment — Performed the Right Way
Risk Assessment DefinedRisk assessment is the identification and analysis of relevant risks to achieving objectives and forming a basis for determining how the ri...

Internal Controls: Why You Need a Vigorous Policy
A Working Definition of Internal Controls For accounting, risk and audit, internal controls are a set of accounting best practices activities designed and implem...

The Importance of Best Practices in Goodwill Accounting
Goodwill: An Elusive but Valuable Asset Goodwill might be the most valuable asset on your company’s balance sheet. It might also be the most difficult to place a...

COSO: Step Up Your ERM, Integrated and Internal Controls
COSO is a framework used by businesses to establish a set of internal controls for integration into their business processes. This set of controls assures that an...

Successful Audit Planning Is a Critical First Step in the Audit Process
While it’s true that no internal audit will ever go exactly according to plan, it is also true that audit planning is a necessary and important part of the overal...

Building and Maintaining a Robust Enterprise Risk Management (ERM) Platform
The many ongoing risks that businesses face daily extend well beyond organizational risk and market risk to include a much longer set of risks that can be derived...

Human Resources Best Practices: Tools to Help Meet the Challenge
The Challenge Human resources (HR) professionals have a real and ongoing responsibility to the employees of the companies they serve. To the utmost extent possib...

Must-Have Tools for Accounts Receivable Risk Management
Getting to the Core of Accounts Receivable Accounts receivable (AR) refers to the proceeds or payments that a company will receive from its customers who have pu...

What Is Internal Audit’s Role in Cybersecurity?
Corporations are always thinking about how to protect assets. A few of the white-collar crimes companies must consider include hacking/intrusions (cyber vulnerabi...

Five Components of the COSO Framework You Need to Know
WHAT DOES COSO STAND FOR? In 1992, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) developed a COSO Framework for evaluating inter...

What Is Internal Auditing?
What Is Internal Auditing?About Internal AuditThe internal audit profession, through The Institute of Internal Auditors (IIA), has continued to redefine itself as...

Second Line of Defense: What Needs to Be Present
What is the Second Line of Defense? Essential to effective risk management, the lines-of-defense model is implicit in COSO’s internal control framework through t...

Segregation of Duties: Key Facts You Need to Know
Segregation of duties (SoDs) is an important concept to internal control frameworks, financial reporting and regulatory compliance, including the Sarbanes-Oxley A...

The Art of Internal Audit Reporting: Direct Impact and Clarity
Internal audit (IA) reporting may be the biggest challenge in the audit process next to scheduling the audit itself and implementing recommendations in today’s co...

Risk Assessment Maps and Prioritizing Business Processes
Risk assessment helps identify and document critical business processes and the internal controls within each process. Combined with facilitated management meetin...

Audit Committee Reporting: Important Practices and Examples You Need to Know
Chief audit executives may be comfortable that their approach to audit committee reporting has followed the same unwavering path for the past decade. But are th...

Fraud Detection Red Flags
Corporate fraud, employee theft, insurance scams/workers compensation fraud, employer fraud, forgery/falsified documents and even money laundering are all example...

Internal Audit: Auditing Standards You Need to Be Aware Of
Auditing Standards for Internal Audit The Institute of Internal Auditors (IIA) promulgates the International Professional Practices Framework (IPPF) which includ...

Risk Oversight: How to Be Aware of Emerging Business Risks
Given the dynamic environment, the audit committee should take a close look at the company’s risk profile at least annually. Ideally, this review should be suppor...

How Are You Monitoring Your Project Management Risk?
Project management risk is significant because of its lasting implications. By definition, a project is a “temporary endeavor undertaken to create a unique produc...

Change Management Audits: Key Factors You Need to Know
Information technology is critical to the long-term success of most organizations. It is a key driver for the cost of operations, which tends to be a vital compo...

Inventory Management Sample Process Interview Questions
This extensive list of questions can be asked during an interview for an inventory audit. Purchasing Can I have a copy of your policies and procedures? Can I ...

What is IT Audit?
It is common to find organizations investing more and more resources – money, time, staff, etc. – these days in technology. Consider a relatively small retail com...

Audit Committee: Importance to the Board of Directors
What should the audit committee’s relationship be with an organization’s board of directors, compensation committee, disclosure committee, and nominating and gove...

Enterprise Risk Management: How to Effectively Raise the Bar
Everyone talks about the need for good risk management programs, but nobody seems to know how to audit them to ensure that they work. The people that bear respons...

What is Process Accounts Receivable, Credit and Collections?
In recent blog posts, we’ve discussed KPIs for various processes and even gave a concise description of what they are (see Guide to Managing Mergers and Acquisiti...

COSO ERM Framework: Key Facts You Need to Know
When initiating the project to update its enterprise risk management (ERM) framework, COSO saw opportunities to achieve clarity on several fronts. The updated fra...

How to Identify Remarkable Value in Data Analytics for Internal Audit
Internal auditors have weighed the benefits of data analytics software since the earliest versions of the technology began to surface nearly two decades ago. The...

How to Identify Important Components of SOC Report Evaluation
There are distinct differences between SOC 1 and SOC 2 reports, but these reports also certainly overlap. For example, the security principle in a SOC 2 report r...

What is the Internet of Things?
The internet of things (IoT) is an environment in which “things” – objects, animals or people – are given unique identifiers on the internet and are able to trans...

A Compliance Perspective to Risk Assessment
Making Your Risk Assessments Count: A Compliance Perspective to Risk Assessment The traditional approach for assessing compliance risks focuses on the severity o...

How to Effectively Audit Fixed Assets
Auditing fixed assets is extremely important to ensure that accounting for capital assets and depreciation is in compliance with management’s objectives. Knowled...

How to Define Risk Management Goals and Objectives in Your Organization
Risk oversight and risk management are high priorities on the agenda of most organizations. Here are popular KnowledgeLeader tools that focus on risk management:...

Customer Service: Business Risks You Need to Know
The focus on customer relationship management (CRM), also known as customer care or customer service, has been growing steadily for the last few years. Companies...

Do You Have Adequate Documentation for Your Business Processes?
Good process documentation doesn’t just describe how things work—it tells a story of an organization’s modus operandi (MO). As with any storytelling, you might si...

Risks Associated with Data Integrity and Management Best Practices
Failure to manage data integrity risk can have the following impact: Authorization, completeness, and accuracy of transactions may be incorrect as they are ent...

Project Management: Business Risks and Best Practices You Need to Know
Project management is generally associated with the ability to apply expert knowledge, skills, tools and techniques to project activities in order to meet or exce...

How to Optimize Effective Audit Planning
Audit planning sets the tone for the audit. If audit planning hasn't been done well, it can make the entire audit much more difficult. You should be answering fou...

When Was the Last Time You Reviewed Your Purchasing Process?
The process of purchasing materials and supplies comprises procedures and activities to acquire goods in the correct quantity and in a timely manner. The process ...

How to Monitor Transaction Governance for Anti-Money Laundering
Expectations for transaction monitoring (TM) governance are quickly evolving due to the complexity of detection systems, the demand for additional operational ove...

The Best Way to Formulate and Execute Audit Procedures
Once a company forms an internal audit function, completes the risk assessment process and develops an internal audit plan that is responsive to the risk assessme...

Internal Audit: How to Guarantee an Increase in Performance
The internal audit function’s position within a company is unique. It provides its principal stakeholders (audit committee members and management) valuable and ob...

Key Performance Measures for Improving the Internal Audit Process
An effective business process is built on a set of well-defined and clearly stated business objectives. These key objectives articulate the ideal performance resu...

COSO Integrated Control Framework: Important Changes You Need to Know
In January 2013, the updated version of the Committee of Sponsoring Organizations of the Treadway Commission Integrated Internal Control Framework went into effe...

Guide to Risk and Risk Reporting
Business risk is the level of exposure to uncertainties that the enterprise must understand and effectively manage as it achieves its objectives and creates value...

Ten Important Roles of the Audit Committee in Internal Audit
Ten Important Roles of the Audit Committee in Internal Audit Although the exact nature, charter, scope and reporting lines of internal audit may vary between com...

Disclosure Controls and Procedures: Key Facts You Need to Know
The SEC introduced “disclosure controls and procedures” as a new term in its initial August 29, 2002, release following the enactment of Sarbanes-Oxley. Disclosur...

Comparing U.S. Sarbanes-Oxley with C-SOX (Bill 198) and J-SOX (FIE)
As a result of the infamous Enron and WorldCom scandals, the U.S. reacted with strict guidelines to re-establish confidence in the financial market. Commonly refe...

How to Develop an Effective Code of Conduct
Executives often cite an ability to adapt to change as the most important factor for success in today’s dynamic business environment; however, there is another eq...

Important Roles You Need to Be Aware of During Enterprise Risk Management
The chief audit executive (CAE) and internal audit can play one or more of the following roles in conjunction with the implementation of enterprise risk managemen...

Six Tips on How to Implement a Strong Ethics Program
Do your customers trust and believe in your company? Do you trust and believe your employees? Do your employees trust and believe in you? Trust and transparenc...

Business Continuity Programs: Important Information on How to Perform Audits You Need to Know
Ensuring that an organization can recover from disaster is a basic business requirement the board should explore regularly with management. Nowadays, leading org...

How to Determine the Most Effective Budgeting Process
A budget is a systematic method of allocating financial, physical and human resources to achieve strategic goals. Companies develop budgets in order to monitor pr...

An Operational Perspective to Risk Assessment
Making Your Risk Assessments Count: An Operational Perspective to Risk Assessment Operational assessment is often directed to assessing performance against quali...

Guide to the State of Data Analytics
What is Data Analytics? Data analytics is the practice of embedding insight into operations to drive business strategy and performance. What Does this Mean? W...

What is Strategic Forecasting?
Budgeting is a systematic process for: Expressing future plans in formal quantitative terms Allocating resources to achieve strategic goals Monitoring progress...

Guide to Managing Mergers and Acquisitions KPIs
Few things can be as fraught with stress and complication for top executives and business owners as evaluating mergers and acquisitions. Some mergers are consumma...

How to Mitigate Risks Using Effective Business Continuity Planning
Thorough business continuity plans help organizations minimize the risks of a disaster and restore vital business functions without significant detrimental effec...

A Guide to Self-Assessment Value Proposition
Self-assessment is a process through which an organization utilizes its internal knowledge to identify and assess uncertainties and the extent to which current pr...

Developing Budgets: What You Need to Know
In a previous blog on Managing Mergers and Acquisitions KPIs, we discussed what exactly key performance indicators are: “KPIs are generally defined as quantifiab...

Five Essential Lines of Defense You Need to Know for Managing Risk
Organizations have learned many lessons over the years from specific financial crises. For example, if a chief executive ignores the warning signs posed by the...

How to Get Your Accounts Payable Process to Work for You
One of our leading practices to consider for your accounts payable process is to develop strategic business alliances with suppliers and involve them in developin...

Close-the-Books Guide: Reduce Financial Close Risk
A fast, close-the-books process provides multiple benefits for the finance function and for the company. First, a fast close process creates more time for finance...

Compliance: How to Position for Ultimate Effectiveness
Positioning Compliance for Effectiveness Positioning the compliance function for effectiveness is a matter of first defining the roles executive management and t...

Guide to Records Management
Technology has greatly expanded the methods of creating, editing, maintaining, transmitting and retrieving records. From creation to disposition, records in elect...

The Three Components of a Successful Systems Design
What is design risk? To “design” is to create, fashion, execute or construct according to plan. The term design as used here refers to the entire scope of a proje...

What Are the Benefits and Risks Associated With Data Integrity?
Data integrity is the assurance that information can only be accessed or modified by those authorized to access the system. Measures taken to ensure integrity in...

Important Factors of Data Analytics You Need to Know
Auditors can use data analytics to avoid the massive waste spending that often goes hand-in-hand with hiring outside vendors and contractors. This technique does...

Audit Committee: How to Maximize Your Evaluation
Every audit committee should assess the effectiveness of the organization’s internal audit function at least annually, if not throughout the year. The critical ro...

What is Organizational Alignment Risk?
What is Organizational Alignment Risk? "Organizational alignment" is defined as conscious and systematic coordination and alignment of three powerful and interre...

What is Sourcing Risk?
Outsourcing has become a keystone of major business operations to the point that it’s almost a given that large companies will move certain expensive business pro...

Are You Properly Managing Cash Flow Risks?
Cash flow management is the mobilization of company funds, the investment of these funds to produce income and compensation of the banks that support the process....

How To Minimize Customer Fraud Risk
Fraud is the intentional perversion of truth in order to induce another to part with something of value or to surrender a legal right. In the business community, ...

How to Keep Your Organization’s Policies Up to Date
Defined policies and procedures play an integral role in efficient and effective company operations. They are also key to the company’s internal control environme...

Intellectual Property: Risks You Need to Know
Copyright pirates, brand impersonators, patent flouters and trade secret thieves are a major threat to businesses, given their increased aggressiveness toward int...

Consider Different Approaches When It Comes to Cybersecurity
Cybercrime is now considered a top risk to most enterprises. Many organizations seek to build security by adding tools and processes on top of their established o...

How to Evaluate Your Corporate Culture
Starting the Process to Evaluate Culture Internal auditors often talk about the “tone at the top” – the idea that corporate culture begins with the example set ...

Guide to Managing Large-Scale Business Projects
It seems like everybody is wearing a lot more hats these days and finance leaders are no exception. Of course, this means that they are finding it increasingly difficult to balance the multitude of resp...
How to Successfully Optimize Your BCM Program
Business continuity management (BCM) is the development of strategies, plans and actions that provide protection or alternative modes of operation for activities ...

How to Conduct an Up-to-Date Information Security Audit
The point of the article, of course, was that people must focus their attention in the correct places when considering what would most influence their quality of...

Audit Committee: How to Develop a Strong Self-Assessment Process
The audit committee of the board of directors helps the board fulfill its responsibilities to the company and its current and potential shareholders, the investme...

Six Successful Warehouse and Storage Strategies You Need to Know
There are two main goals that companies with leading practices strive to achieve in the warehousing process: to provide value-added services such as product custo...

What You Need to Know About Robotic Process Automation
Are You Familiar With Robotic Process Automation? Robotic process automation (RPA) has been gaining traction as an efficient way to automate labor-intensive and ...

What You Need to Build Remarkable Partnerships With the IT Organization
The strength of the partnership between IT audit and the IT organization is a significant differentiator in the overall success of IT projects and IT audit effect...

How to Remarkably Audit Your IT Initiatives
Changes to a company’s information technology (IT) environment, both information systems and the underlying platforms, are a source of significant operational ris...

How to Identify Gaps in Your IT Strategy Process
Everybody is talking about IT strategy these days. As IT managers, you’re faced with considerable pressure to communicate a comprehensive strategy, and show a cl...

How to Monitor and Manage Legal and Ethical Issues
Globalization, technology and expanding economic development have propelled business to a leading role in shaping the course of human events. With that influence...

In The Spotlight: Your Accounts Payable Process
The accounts payable process is all about how a company pays its bills. For most companies, accounts payable begins with receiving an invoice and ends with issuin...

How to Build an Effective Business Process
Key Performance Measures Improving the Process An effective business process is built on a set of well-defined and clearly-stated business objectives. These key ...

Five Keys to Managing Relations With the Board of Directors
For directors to make meaningful contributions in their oversight of management, they need to understand the business environment within which the company operate...

Electronic Discovery Risks, Challenges and Procedures
Electronic discovery (eDiscovery) refers to the process of searching, locating and securing electronic data for the purpose of using it as evidence in a legal cas...

How Can Human Resources Risk Be Managed?
“All of the blame and none of the praise” This was how one Human Resource professional described their job in a forum on tech recruiting recently. Human Resource...

How to Effectively Conduct Self-Assessment Meetings
Why are we meeting? What are the objectives of the self-assessment meeting? Defining the meeting objectives is the most important aspect of planning a self-as...

Traditional Risk Assessment Approaches Have Limited Value
Developing risk maps, heat maps and risk rankings based on subjective assessments of the severity of impact of potential future events and their likelihood of occ...

Ten Tips You Need to Know for Making High-Impact Presentations
In order to be a high-performing auditor, you must be able to deliver messages in a clear and compelling manner. From kickoff meetings and status reports to inte...

Improving the Close-the-Books Process
An effective business process is built on a set of well-defined and clearly stated business objectives. These key objectives articulate the ideal performance resu...

Five Tips for Increasing Your Influence as an Auditor
Written by Ann Butera, president of The Whole Person Project, Inc. By definition, “influence” is the ability to get others to act on your suggestions wi...

Exploring the Big Picture of IT Risk Assessment
Most, if not all, business transactions executed today touch the information technology (IT) environment at some point in their lifecycle. As organizations plan f...

IT Governance Opportunities in the Age of Digitalization
Sustaining an effective business model in the face of digital disruption requires a strong foundation of IT governance able to scale and adapt to modern enterpris...

External Access Risk: Key Factors You Need to Know
Many businesses today exchange goods, services, information and knowledge using network-enabled technologies. Within such business, the proper protection of conf...

What You Need to Know About GDPR Compliance
Are You Familiar With GDPR? The General Data Protection Regulation (GDPR) became effective May 25, 2018, and introduced strict rules for the protection of the pe...

Is Your Financial Close and Reporting Process Too Manual?
Most organizations continue to invest a significant number of hours every month in a particular set of activities related to calculating, manipulating and validating critical financial reporting data us...
Currency Risk: The Purpose and Risk of Money
What Is Money? People may say that “money is the root of all evil,” but is it? It may be best to point out that the original quote is better expressed as, “for ...

Business Intelligence Competency Centers Overview and Guide
The objectives of a business intelligence competency center (BICC) are to provide the organization with better control over operational and financial reporting, r...

What is Cloud Computing?
What is Cloud Computing? Cloud computing is defined as the use of a collection of services, applications, information and infrastructure composed of pools of com...

Intelligence Automation: How to Get Started
Discussions of robotic process automation (RPA) and artificial intelligence (AI) tend to follow separate tracks. This has been a function of the way these technol...

Settlement Risk: Using Key Performance Indicators to Mitigate Exposure
Settlement risk, in its simplest form, is the risk that one party won’t hold up their end in a transaction. There are several reasons this can occur, including ti...

How Important is Due Diligence to the M&A Process?
There are several key phases of the mergers and acquisitions (M&A) process: Growth/Portfolio strategy Due diligence Integration planning Integration execu...

How Quick Is Your Financial Close Process?
"Close the books" is a process that a corporation uses to reconcile, consolidate and report financial information on a periodic basis. Each company defines closin...

How Does Opportunity Risk Apply to Financial Business Processes?
Opportunity risk occurs whenever there’s a possibility that a better opportunity may become available after having committed to an irreversible decision. We all ...

Communicating With Shareholders: What You Need to Know
Communicating with shareholders is about capital – the ability to access either equity or debt at the lowest possible cost. By understanding investor motivation a...

Five Important Questions on How to Effectively Keep Pace With Change
We all know that change is inevitable, but what can an organization do to keep its strategies and risk management capabilities on the same course as the ever-cha...

Is Your Strategy Focused on Digital Transformation?
The digital revolution currently taking place is transforming our world. Over the next few years, many organizations will need to undertake radical change program...

Best Practices for Developing Strong Public Relations
Are you using strong strategic communication processes that build great relationships between your organization and the public? Public relations has gained impor...

Process Alignment Risk Key Performance Indicators Guide
What Is Process Alignment Risk? This is the risk that the business processes within a company may not be appropriately aligned with its corporate strategy, resul...

How to Manage Your Lender Relationships
Is The Treasury Function Ensuring Superior Financial Services for Your Company? The treasury function at a company bears responsibility for managing financial t...

Where to Look for Digital Risk
Many auditors are asking themselves the same legitimate question: With so much happening, where do we start? Advancements in technology and data have been so rap...

What is Transaction Authenticity?
What Is Transaction Authenticity? "Transaction authenticity" can be defined as the authentication of a party’s (individual, organization) identity, to ensure tha...

Self Assessment: Launching Here and Soaring Beyond
First Step: Use Self-Assessment Within the Internal Audit Department The first and simplest way to use the self-assessment process is to use it in determining ...

How to Achieve Remarkable Value From Internal Audit in the Digital Age
In a world of rapid change on almost every front at which organizations must adapt and grow or risk decline and their ultimate demise, everybody faces the same re...

What is Design Risk and What Risks are Associated With System Design?
To “design” is to create, fashion, execute, or construct according to plan. The term design as used here refers to the entire scope of a project. A business syst...

What You Need to Integrate Risk in Your Business Planning Process
While strategy-setting defines an enterprise’s overall strategic direction, differentiating capabilities and required infrastructure, a business plan lays out ho...

How to Assess Your View of Future Risks
Given the complexity of the business environment, executives need to be careful to avoid overconfidence that can be bred by an expressed or implied “official” vie...

Measure Cost-of-Quality to Improve Product Quality
Total quality management requires commitment and persistence. Quality will always have a cost, but many companies are demonstrating that investments in quality al...

What is Financial Instrument Risk?
What is Financial Instrument Risk? Buyers and sellers may enter into sub-optimal financial or commodity instrument structures that have been standardized for eff...

Consider the Distinguishing Characteristics of Risk
Making Your Risk Assessments Count: Consider the Distinguishing Characteristics of Risk Traditional risk assessment approaches don’t often address the unique ris...

What You Need to Align IT Management With Business Priorities
The "Holy Grail" for IT has always been to be closely aligned with business efforts. For years, business has encouraged IT to focus on delivering business priorit...

Important Things You Need to Know When Traveling for Audits
Auditors often have the good fortune to go on audit assignments and client meetings throughout the U.S. and in many countries of the world. Some trips are specta...

Social Media Risk: What it Means to Your Risk Profile
Social Media Risk: What it Means to Your Risk Profile Social media platforms and applications have been implemented rapidly by most organizations over the past d...

Natural Disasters: How to Efficiently Leverage Lessons Learned
Perhaps no disaster in recent history has done more to show the need for strong business continuity and disaster recovery planning than the Japan earthquake and ...

How to Easily Revamp Risk Culture in the Digital Age
How many directors can name a chief risk officer who has advised them and the executive team that the organization is too risk-averse? In the digital age, not eno...

Signs Your Organization Needs Business Intelligence Solutions
|Busi*ness In*tel”li*gence|, n. - the capacity to acquire and apply business knowledge, the act or state of knowing about your business; to understand and profit ...

What is IT Performance Risk?
Performance is defined as the throughput of business transactions compared to user needs, expectations or requirements. IT performance risk is the risk that a co...

Cyber Risk: Major Challenges You Need to Know
Cybersecurity is likely to remain center stage as a top risk as companies continue to expand their reliance on digital technologies to transform customer experien...

How to Efficiently Create Agile Risk Management Solutions
Many organizations have failed to keep pace with changing trends in risk and compliance. Resource allocation for many risk and compliance initiatives implemented ...
