This sample report provides findings from a current IT general control framework review at a company.

New and emerging technologies will greatly influence—often by enabling and sometimes by making more complex—how companie...

This issue of Board Perspectives: Risk Oversight explores the concept of the “shamrock organization” and provides a list...

This sample audit report provides management with an assessment of its current state and associated SAP change managemen...

Digital transformation is disrupting entrenched incumbents and even whole industries. This issue of Board Perspectives: ...

This issue of Board Perspectives: Risk Oversight provides a context for understanding the most critical uncertainties co...

The purpose of this sample policy is to control application development and to ensure that application development is ef...

This issue of The Bulletin articulates a deeper understanding of the requisites of organizational confidence so that lea...

This sample policy outlines procedures to identify a company’s most critical business processes and support functions an...

The purpose of this risk management questionnaire is to help boards and management think about how they can develop a de...

Use this risk control matrix to strengthen your organization’s SDLC controls for effective risk management.

This memo focuses on IT SOX readiness procedures for an application, testing change management, computer operations and ...