Vendor Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s vendor management process and to assist its progress from the initial/ad-hoc state toward the optimized state.
UPDATED WORK PROGRAM
Fixed Asset Accounting Review Audit Work Program
This audit program reviews the adequacy and efficiency of current capital asset management policies and procedures as they relate to asset procurement, tracking and monitoring, recording and reporting, disposal of assets, and depreciation.
UPDATED AUDIT REPORT
Corporate Treasury Review Audit Report
This sample internal audit report illustrates treasury review objectives, scope and procedures performed. It includes a sample of treasury review observations and management implementation plans that address these issues.
Financial Close Process Questionnaire: Generate Financial Statements and Disclosures
This questionnaire focuses on the financial close process, specifically generating financial statements and related disclosures.
Entity-Level Control Environment Questionnaire
This questionnaire template provides a number of COSO elements and the related control objectives for entity-level controls. Within the questionnaire, you can document whether the control exists, whether it was designed properly, related test procedures, and management's action plan for deficiencies.
IT Capacity and Scalability Risk Questionnaire
This questionnaire outlines business risks and leading practices for both capacity and scalability in the IT business environment.
Enterprise Risk Assessment Process Questionnaire
This questionnaire addresses key issues that boards and management should consider as they evaluate their confidence in the organization’s enterprise risk assessment process.
UPDATED REQUEST FOR PROPOSAL
Request for Proposal: Establishing an Internal Audit Function
This sample request for proposal (RFP) is used to solicit services to establish an internal audit function. It discusses the standard information providers should include in their proposals.
Managing Risk in an Agile Organization
This article shares Protiviti’s perspective and philosophy on establishing leading practices for ensuring that risk management is designed appropriately to keep pace with agile organizations.
HOT ISSUE ARTICLES
Top Risks 2019: Anxiety Grows Over ‘‘Born Digital’’ Competitors
In this article, Protiviti Managing Director Jonathan Wyatt explains what organizations need to do to obtain a true digital mindset.
Pursuing Next-Gen Business Opportunities With Better Data Governance
This article provides an overview of data governance as an essential business exercise, presents some strategic opportunities it will enable, and discusses key data governance considerations.
Cyber Risk Assessment: Moving Past the ‘‘Heat Map Trap’’
In this article, Protiviti Associate Director Vince Dasta offers a clear path to implementing a risk assessment program that is authentically quantitative and in which confidence is justified.
@ISACA Volume 11
This edition of ISACA's newsletter discusses risk analysis, how to view your cybersecurity program holistically, how to implement continuous oversight and monitoring of your enterprise’s cloud services, the results of Protiviti and ISACA's 2019 IT Audit Benchmarking Study, and more. Source: isaca.org
Internal Auditors’ Response to Disruptive Innovation
This report identifies 10 of the most current innovations and disruptions occurring in the business environment; explores how internal audit functions are responding (or not responding) to this disruption; and provides best practices for internal audit functions of all sizes to respond to disruptions, individually or as a whole, in a proactive manner. Source: theiia.org
KNOWLEDGELEADER BLOG POST
How to Evaluate Your Corporate Culture
Internal auditors often talk about the “tone at the top” – the idea that corporate culture begins with the example set by senior management. But while conduct at the top is where it all starts, it does not end there. This week's blog post explores how to evaluate the corporate culture at your company.
FEATURED KLplus CPE TRAINING COURSE
Internal Control Over Financial Reporting: Understanding Section 404 of Sarbanes-Oxley
This basic-level training provides an overview of Section 404 of the Sarbanes-Oxley Act of 2002. The course explains the requirements and effective dates, defines internal control over financial reporting, identifies which companies must comply and when they must comply. The completed course is worth 0.5 CPE credit, and by the end of the course, the learner will be able to:
DID YOU KNOW?
Entity-Level Control Topic
- Identify the requirements and key guidelines of Section 404
- Identify the definition of, and characteristics of internal control over financial reporting
- Identify who should be involved in complying with Section 404
- Identify steps in an approach to complying with Section 404
KnowledgeLeader has over 80 pieces of content focused on entity-level controls. So, what are you waiting for? Come explore our publications and tools!
CCH TAX AND ACCOUNTING - ACCOUNTING RESEARCH MANAGER UPDATES
Weekly Summary of Accounting, SEC, and Auditing Developments
TOP 5 PAGES ON KNOWLEDGELEADER
- Not-for-Profits – FASB Issues Staff Q&A on Implementing the New Not-for-Profit Grants and Contracts Standard
- SOX 404 – New Edition of Guide to Internal Controls Published
- Professional Ethics – PEEC Revises Interpretations on Information System Services and Government Client Affiliates
These were the most popular items on KnowledgeLeader last week:
- Internal Audit Performance Measures Key Performance Indicators (KPIs)
- AR and Cash Application Process Flow
- Financial Close Process Capability Maturity Model (CMM)
- The Future Auditor Goes Digital
- Financial Close Process Questionnaire: Analyze Financial Results