This tool contains four guides that can be used by auditors to understand and improve their risk assessment process.

An effective organization of consequence, whether public or private, attempts to strike a balance between i...

This document contains two sample audit reports that can be used to document management’s assessment of internal control...

This tool highlights questions to consider when implementing and measuring an organization’s cost-effectiveness and cont...

In January 2013, the updated version of the Committee of Sponsoring Organizations of the Treadway Commissio...

The SEC introduced “disclosure controls and procedures” as a new term in its initial August 29, 2002, relea...

This tool provides an overview of the business self-assessment process and includes four components of business self-ass...

This sample includes a list of questions to consider while checking an organization’s entity-level controls for fraud.

This questionnaire template provides a number of COSO elements and the related control objectives for entity-level contr...

This questionnaire template provides a number of COSO elements and their related control objectives for entity-level con...

Monitoring is a process that assesses the quality of the entity's internal control performance over time. This template ...

This memo captures details for SOX IT testing, including objectives, project scope, transaction types, key risks, coordi...