This page contains an updated, alphabetized list of the samples that are available on KnowledgeLeader. These samples are provided in downloadable versions, so they can be customized for use in your organization.
Acquisition Tracking Spreadsheet Template - Sample
This is a sample spreadsheet used to track acquisition details. Data tracked in this spreadsheet can accommodate several acquisitions and details that include important dates, information related to the First Binding Agreement, and analysis.
Audit Committee and Disclosure Committee Agenda Template
This sample audit committee and disclosure committee agenda outlines the quarterly meeting topics for audit and disclosure committees.
Audit Discussion Form Sample
This sample form can be used to communicate specific findings identified during an audit and recommend a management action plan to address the findings.
Audit Opinion/Conclusion Writing - Sample
This report-writing example illustrates how different types of opinions/conclusions could be issued at the completion of an audit.
Audit Rating Form
This sample audit rating form can be used during an audit of remote access activities. It can assist in identifying opportunities to further enhance and improve areas such as internal controls, operations and accounting.
Audit Report Tracker - Sample
This simple one-page tracking sheet allows you to follow the status of a particular internal audit report. It tracks the date the draft was distributed, the intended reviewer, and date of comments received.
Audit Status Worksheet - Sample
This document provides a template to track the progress of all completed and in-progress audit activity during a specified period.
Audit Test Selection: Case Studies
These case studies describe internal audit situations for different business processes.
Balanced Scorecard Performance Measures for Internal Audit - Sample
Balanced scorecards look at performance from four perspectives, rather than from a single bottom-line measure. Balanced scorecards can be used to demonstrate the value of departments to their companies, and to make departments more responsive to corporate needs.
Benford’s Law Analysis Spreadsheet - Sample
Benford's Law demonstrates that seemingly random numbers in large volumes of data have digits that can be predicted to occur with certain frequencies. Internal auditors can use this principle to analyze large volumes of numerical data. This spreadsheet contains formulas for calculating expected frequencies using Benford's Law.
Business Processes to Application Mapping Diagnostic Template
This sample template helps map out an organization’s business processes and their impact or reliance on IT systems and applications.
Candidate Evaluation Form - Sample
This evaluation form can be used by an interviewer or recruiter to rate a candidate for an internal audit position. The form suggests competencies and criteria that could be applied to someone seeking to obtain employment in the audit group.
Community Management Work Plan
This document outlines a detailed work plan for a company's online community review.
Competency Assessment for Accounting Function - Sample Template
The purpose of this sample template is to document the positions that currently make up a company’s accounting function during the competency assessment process. Information in this template includes: job title, job function and responsibilities, start date, relevant work history, education level, and professional organizations and accomplishments.
Construction Project Risk Management Manual - Sample
This risk management manual contains a methodology that can be modified and used by other construction companies, or by businesses that are themselves undertaking construction projects. The methodology allows for project risk analysis and deciding whether or not to proceed with the project.
Contract/Project Approval Sheet - Sample
This one-page approval sheet helps you track to completion the process of approving a contract or project. It allows you to identify the parties involved and then provides a checklist of the fundamental steps to be completed by different parties.
Control Testing Responsibility Matrix – Sample
This matrix outlines the Sarbanes-Oxley responsibility assignments and testing process for primary manual controls.
Control Testing Tracking Spreadsheet – Sample
This document serves as a template to use in tracking the testing of internal controls. The spreadsheet can be used to track control testing status and operating effectiveness and to create a testing timeline.
COSO/COBIT Application Change Control and QA Control Objective Risk Matrix
This Risk and Control Matrix focuses on high-level control objectives AI2, AI5, and AI6 of the COBIT Acquire and Implement domain, PO10 and PO11 of the Plan and Organize domain, and DS11 of the Deliver and Support domain.
Disclosure Restrictions During the Initial Public Offering Process
The purpose of this sample memo is to document the SEC restrictions on public communication by companies beginning initial public offerings of their capital stock.
Enterprise Risk Management Project Plan
This document is a sample project plan for use during the planning phase of implementing ERM across an organization. It supports a phased implementation approach, detailing tasks, deliverables, and a project timeline.
Establishing an Internal Audit Function Request for Proposal
This sample request for proposal (RFP) is used to solicit services to establish an internal audit function. It discusses the standard information providers should include in their proposals.
Exception Form - Evaluation of an Individual Process/Transaction-Level Control
The process to evaluate and classify an individual process/transaction-level control deficiency incorporates the evaluation of quantitative and qualitative factors. This sample form assists in documenting and analyzing exceptions identified during individual process/transaction-level control testing.
External Quality Assessment Review Request for Proposal
This sample request for proposal (RFP) document focuses on finding a service provider to perform an external quality assessment review of an internal audit department. It details the process and timeline for responding to the RFP.
External Quality Assessment Review Request for Proposal - Sample
This is a sample request for proposal (RFP) for an external quality assessment review (QAR) of a company’s internal audit department.
Finance and Accounting Integration Project Plan – Sample
The document serves as a sample project plan for integrating the finance and accounting processes for a company planning to go public. It addresses key issues such as: system integration, payroll processing, and billing and collections processes. It lists down the key actions that need to be taken by each department and milestones that they should set out to achieve.
Financial Close Process – Sample Schedule Improvement Action Plan
The purpose of this sample is to document the activities performed as part of the monthly financial close process and identify areas where task duration can be improved upon. As part of this effort, users are encouraged to document the responsible person for each financial close task, current task duration, and desired task duration.
Financial Reporting Timeline Sample
This sample timeline outlines steps needed to complete the financial reporting process. It helps management define roles and responsibilities and meet specified deadlines.
Fraud Detection: Financial Ratio Calculator - Sample
This calculator identifies some common fraudulent and/or deceptive financial accounting practices, and gives the user examples of substantive audit tests and ratios to help catch the activity.
General Ledger Account Reconciliation Matrix - Sample
The purpose of the matrix is to communicate assignments and responsibilities related to the account reconciliation process. It also helps to ensure these activities are completed on time and conducted properly and accurately in conjunction with the overall financial close process and internal control structure
Goodwill/Indefinite Lives Impairment Analysis - Sample Template
This template was designed to assist companies in the periodic evaluation of potential impairment of Goodwill and Indefinite Lived Intangibles. Note that this is a tool to assist companies in the summarization of their impairment evaluations under U.S. GAAP, but is not intended to promote one valuation model/methodology over another.
Initial Public Offering Detailed Task List
When preparing for an IPO, it is vital to pay close attention to the underlying business and IT processes, policies and internal controls. This tool helps project manage the tasks and timeline associated with a company going public.
Internal Audit and Corporate Governance Structure Guide
This guide outlines sample organization structures for internal audit and corporate governance services.
Internal Audit Engagement Memo
This internal audit engagement memo informs an auditee of an upcoming audit and includes the objectives of the audit, proposed timetable and audit team members.
Internal Audit Feedback Survey Template - Sample
This survey is intended to be sent to relevant departments upon completion of work performed by internal audit. The questionnaire focuses on topics such as: communication, exit and closing meetings, technical proficiency, and level of value the audit provided to the business unit.
Internal Audit Meeting Scheduling Template and Overview – Sample
These internal audit meeting and schedule planning templates can be used in the planning and scheduling of meetings.
Internal Audit Plan – Sample 2
This sample document outlines the internal audit plan for specific projects that are planned to be delivered. Further details on the scope of these projects, interaction with the auditee and execution steps are provided in this planning document.
Internal Audit Plan - Sample
This document details an internal audit plan for a specific period and the related projects that are planned to be delivered to the organization. Further details on the scope of these projects are provided in relation to planned internal audit activities.
Internal Audit Post Engagement Debrief Template – Sample
Use this template upon completion of an audit to have team members discuss the audit and to provide feedback on audit execution, lessons learned, best practices, and future audit considerations. Sections include names of audit team members, performance against budget, lessons learned, internal process improvement suggestions, and future audit considerations.
Internal Audit Qualitative Diagnostic Presentation - Sample
This example presentation displays the results of an internal audit department evaluation to the audit committee, particularly following the quality assessment review process.
Internal Audit Rating System
This sample audit rating system can be used to gauge the performance of individual auditable units against expectations and previous audits.
Internal Control Issues Log
This sample serves as a template to use when documenting internal control issues and associated remediation plans. It provides an outline of information to use in this tracking process including: process, nature of issue, observation, control description, and action plan.
IT Application Inventory Sample Template
This template provides a structured way to define an organization’s system landscape. Use this document to capture applications utilized in the company and assess whether they fall within scope for Sarbanes-Oxley compliance testing purposes.
IT Projects Ranking Template – Sample
This sample provides a template to assess multiple project options using project risk factors and quantitative metrics.
Month-End Close Template Sample
The purpose of this month-end close document is to ensure that all responsible employees are fully aware of their assignments and their responsibilities are completed on time, properly and accurately in accordance with the company’s financial closing and reporting internal control structure. This document is organized by ERP cutoff tasks and activities broken down into pre-close, recurring entries, reconciliations, internal controls and analysis & reporting.
Primary Controls Tracker - Sample
This document serves as a template to use in tracking the number of key internal controls identified in an organization. The information compiled in this template can be used to develop project status reports and plan for remediation efforts.
Process Interview Notes Template - Sample
This interview template can assist with capturing information related to a process being reviewed by internal audit. The specific information tracked in this document includes identifying key personnel, relevant IT applications, relevant risks, controls currently in place, and related control gaps.
Project Scope Change Request Form – Sample
This form documents the request to change project scope, identifying the purpose and the change management impact of the requested scope change.
Property Management System Control Requirements Matrix - Sample
This matrix provides sample application controls to consider within a property-management accounting system. This document guides the user in assessing the priority and vendor capability of each control. The control assessment is then summarized to develop an action plan.
Request for Proposal: Internal Audit and Sarbanes-Oxley Compliance
This RFP for co-sourcing internal audit and Sarbanes-Oxley compliance services provides a variety of sample questions to ask a potential outsource or co-source partner.
Request for Proposal – Quality Assessment Review: Financial Institution – Sample
This is sample request for proposal (RFP) from a financial institution seeking a service provider to conduct an evaluation of its internal audit approach and coverage of its regulated subsidiaries.
Request for Proposal – Systems Audit Work – Sample
This is an example of a relatively informal RFP for specialized systems audit outsourcing services to be coordinated by the Internal Audit Director.
Request for Proposal: Internal Audit Co-Sourcing/Outsourcing
This sample request for proposal illustrates the types of questions that can be asked of a potential internal audit outsourcing/co-sourcing service provider.
Request for Proposal: Internal Audit Co-Sourcing/Outsourcing: Sample 2
This sample request for proposal contains many questions to be considered when outsourcing or co-sourcing any part of an internal audit function.
Request for Proposal: Internal Audit Co-Sourcing/Outsourcing: Sample 3
This sample request for proposal illustrates the types of questions that can be asked of a potential internal audit outsourcing/co-sourcing service provider.
Request for Proposal: Assess IA Coverage of Banking Subsidiaries
This sample request for proposal (RFP) is used to solicit services for an assessment of the current internal audit environment at banking subsidiaries and recommendations to strengthen coverage in order to meet inherent business risks and regulatory requirements.
Request for Proposal: Internal Audit – Energy Industry
This sample request for proposal (RFP) document focuses on finding an internal audit service provider to support an organization in the energy industry. It details the process and timeline for responding to the RFP.
Request for Proposal: Internal Audit – Healthcare Industry
This sample request for proposal (RFP) document focuses on finding an internal audit service provider to support a healthcare organization. It details the process and timeline for responding to the RFP.
Request for Proposal: Internal Audit Services and Sarbanes-Oxley Regulatory Compliance
This is a sample request for proposal (RFP) and vendor questionnaire from a company seeking a service provider to establish an internal audit function with an emphasis on compliance with the Sarbanes-Oxley Act.
Request for Proposal: Internal Audit Start-Up or Outsourcing
This sample request for proposal is used to solicit qualified services to help an organization start an internal audit function.
Request for Proposal: Quality Assessment Review of Internal Audit Department
This is a sample request for proposal and vendor questionnaire from a company seeking a service provider to conduct a quality assessment review of its internal audit department and coverage of its entities.
Request for Proposal: Sarbanes-Oxley Compliance
This is a sample request for proposal (RFP) for Sarbanes-Oxley compliance assistance working with a company’s internal audit department.
Request for Qualifications: IT Professional Services Qualified Vendor List
This is a sample request for qualified IT services to help create an IT vendor list for multiple year projects. The information requested in this document includes: description of work to be performed, service categories, procedures for obtaining services, and special contracting terms and conditions.
Risk Assessment Facilitated Session Results Matrix - Sample
This template will help capture the results of a risk assessment facilitated session. It allows leaders of these sessions to document their final results in an organized format.
Risk Assessment Map and Guide
This risk assessment sample helps to identify and document critical business processes.
Risk Assessment Survey Template - Sample
The goal of Enterprise Risk Management is to identify, evaluate and manage key risks impacting an organization’s ability to achieve its objectives and strategies. This document provides a template to inventory and assess critical risk areas (business functions) and the associated risks embedded within each area. The results can be used to help develop an Internal Audit Plan. The results may also be included in the Risk Assessment Report provided to the Audit Committee.
Risk Assessment Workshop Presentation - Sample
The purpose of this presentation is to facilitate a risk assessment workshop. It explains to workshop participants the objectives and ground rules, how to identify key risks, and how to plot significance and likelihood on a risk map.
Risk, Controls, and Responsibilities for Disaster Recovery and Business Continuity - Sample
This guide outlines the risks, control objectives, manual controls, IT controls, and responsibilities related to creating, maintaining and executing disaster recovery and business continuity plans within an organization.
Role-Based Access Control Report – Sample Template
Role-based access plays a big part in an identity management strategy. The implementation of an identity management system and the associated process redesign has many benefits for an organization if done right. This document provides a sample template to outline a role-based access approach.
Sarbanes-Oxley Control Deficiency Assessment Form – Sample
This form assists in evaluating Sarbanes-Oxley control deficiencies and allows management to document related responses. The evaluation criteria includes: evidential deficiencies, potential impact to financial statements, safeguarding of assets and antifraud controls, likelihood that an error could occur, compensating controls and multiple similar control deficiencies.
Sarbanes-Oxley Review Process Tracking Worksheet - Sample
This sample helps project teams track key information and dates associated with developing Sarbanes-Oxley process documentation and management review.
Sarbanes-Oxley Section 404 Program Executive Scorecard - Sample
This document serves as an executive report template focused on the progress of the Sarbanes-Oxley Section 404 program.
Sarbanes-Oxley Section 404: Compliance Plan – Sample
This sample document establishes a framework and standard policy for compliance with Section 404 of the Sarbanes-Oxley Act.
Sarbanes-Oxley Walkthrough Preparation Memo
This Sarbanes-Oxley process memo informs and prepares business process control managers to engage in “walkthrough” discussions with auditors. In this sample, the internal and external auditors have to conduct their validation/fieldwork on internal controls in compliance with Section 404 of the Sarbanes-Oxley Act.
SAS 70 Review – Report on Assessment of Controls - Sample
Type II SAS 70 reports are an integral part of assessing a company’s internal controls over financial reporting if a company uses an outsource provider. The SAS 70 report is intended to communicate, from auditor to auditor, the testing performed around the outsource provider’s internal controls, particularly controls over IT processes. This report can help an organization communicate the findings of a Type II SAS 70 review and assess how the results of the report impact the company’s internal controls over financial reporting.
Segregation of Duties Matrix
A fundamental element of internal control is the segregation of certain key duties. The basic idea underlying segregation of duties is that no employee or group should be in a position both to perpetrate and to conceal errors or fraud in the normal course of their duties. This worksheet has been designed to highlight conflicting duties performed by one individual or group of individuals. Audit teams are encouraged to use this form to help identify potentially commingled duties within accounting processes that may constitute a control weakness.
Segregation of Duties: Controls for Significant Accounting Applications
Segregation of duties is an integral part of the internal control environment. The following assessment form will assist you in understanding a function’s segregation of duties and related internal control effectiveness. Sales, accounts receivables, related cash collections are included.
Self Assessment: Sample Session
The following is taken from an actual self assessment session, investigating possible process improvements for the Foreign Exchange process.
Service-Level Agreement Sample
This template, which includes information on scope and service details, can be used by a company when developing a service-level agreement (SLA).
Six Elements of Infrastructure - Sample Assessment Template
The Six Elements of Infrastructure Framework is a useful tool for categorizing issues, understanding where problems are occurring within the organization, and drawing conclusions to form the basis for process recommendations. This template may be used by a company when identifying, assessing, or designing processes using this framework. For each of the Six Elements of Infrastructure, this sample template provides areas to document innovative practices, current practices, and improvement opportunities.
SOX Control Deficiency Assessment Form - Sample
This form assists in evaluating SOX control deficiencies and documenting management responses. Users can also assess the severity of deficiencies noted during the documentation and testing process. The evaluation criteria includes: evidential deficiencies, potential impact to financial statements, safeguarding of assets and antifraud controls, likelihood that an error could occur, compensating controls, and multiple similar control deficiencies.
SOX Testing Documentation Template
This template can be used to document SOX internal control testing procedures, results and recommendations.
Spreadsheet Controls Procedures and Checklists for Sarbanes-Oxley Compliance - Sample
Lack of controls over spreadsheets can present a risk to the accuracy of financial statement information and may be identified as a deficiency under Sarbanes-Oxley Section 404. This document contains an example of spreadsheet control procedures. The procedures outline the access and change control steps that could be applied for financial spreadsheets. Also included is a checklist that tracks the spreadsheet control procedures and can be used in SOX spreadsheet testing.
Strategic Internal Audit Plan
This template is to be used by internal audit when developing an annual audit plan. It provides areas to document the planning approach, major projects and associated timelines, and project sponsors.
Testing Status Template - Sample
This testing status sample template can assist in tracking the testing of controls, control attributes, and testing attributes such as control description, control method, and control frequency.