Entity-Level Control

This tool contains four guides that can be used by auditors to understand and improve their risk assessment process.

In this tool, we have included three guides that outline the best-practice elements and processes related to developing ...

This document contains two sample audit reports that can be used to document management’s assessment of internal control...

This document contains two sample programs that include general steps organizations can use when performing an entity-le...

This tool highlights questions to consider when implementing and measuring an organization’s cost-effectiveness and cont...

This tool provides an overview of the business self-assessment process and includes four components of business self-ass...

This questionnaire addresses how organizations can make Sarbanes-Oxley compliance sustainable while improving business p...

This memo captures details for SOX IT testing, including objectives, project scope, transaction types, key risks, coordi...

In issue 12 of The Bulletin, Protiviti explores the question, “Are organizations curious enough to really understand all...

This article lists some questions for you to consider as you seek greater IT audit agility to manage cybersecurity and a...

This sample policy helps to summarize management’s approach to plan, organize, execute, document and support its assessm...

This sample IT risk assessment audit report presents findings from an entity-level risk analysis review.