The following 30 items are listed by Content Data.
Guides
Risk Assessment Guide
This tool contains four guides that can be used by auditors to understand and improve their risk assessment process.
Guides
Guide to Implementing a Self-Assessment Program
In this tool, we have included three guides that outline the best-practice elements and processes related to developing ...
Audit Reports
Entity-Level Controls Assessment Report
This document contains two sample audit reports that can be used to document management’s assessment of internal control...
Subscriber Content
Audit Programs
Monitoring Entity-Level Controls Audit Work Program
This document contains two sample programs that include general steps organizations can use when performing an entity-le...
Subscriber Content
Checklists & Questionnaires
Control Rationalization and Cost-Effectiveness Questionnaire
This tool highlights questions to consider when implementing and measuring an organization’s cost-effectiveness and cont...
Subscriber Content
Methodologies & Models
Business Self-Assessment Methodology
This tool provides an overview of the business self-assessment process and includes four components of business self-ass...
Subscriber Content
Checklists & Questionnaires
Sarbanes-Oxley Sustainable Compliance Questionnaire
This questionnaire addresses how organizations can make Sarbanes-Oxley compliance sustainable while improving business p...
Subscriber Content
Memos
SOX IT Testing Planning Memo
This memo captures details for SOX IT testing, including objectives, project scope, transaction types, key risks, coordi...
Subscriber Content
Newsletters
Corporate Culture: Are You Curious Enough?
In issue 12 of The Bulletin, Protiviti explores the question, “Are organizations curious enough to really understand all...
Subscriber Content
Articles
An Involved and Agile IT Audit Function Is Key to Cybersecurity
This article lists some questions for you to consider as you seek greater IT audit agility to manage cybersecurity and a...
Subscriber Content
Policies & Procedures
Sarbanes-Oxley Section 404 Management Testing Plan Policy
This sample policy helps to summarize management’s approach to plan, organize, execute, document and support its assessm...
Subscriber Content
Audit Reports
Entity-Level Risk Assessment Audit Report
This sample IT risk assessment audit report presents findings from an entity-level risk analysis review.
Subscriber Content