This memo's purpose is to notify an individual regarding the possibility of a personal information breach and explain th...

The purpose of this memo is to document management’s approach for the current financial year's Sarbanes-Oxley compliance...

This memo outlines an internal audit review of an organization's mobile device procurement process.

This audit work program outlines steps for executing an IT project governance audit.

This is a sample email sent by the process owner to finance staff regarding the documentation of controls over spreadshe...

This issue of Board Perspectives summarizes the top risks for 2016 as identified by North Carolina State University’s ER...

This document outlines risks and controls common to the “define IT strategy and organization” process in a risk control ...

This audit program focuses on testing human resources system controls during the pre-implementation phase.

This memo documents an organization’s approach to Sarbanes-Oxley Section 404 compliance and concluding results from the ...

This memo defines the process a company uses to update testing of internal controls for Sarbanes-Oxley compliance purpos...

This issue of Board Perspectives: Risk Oversight outlines important lessons for board members to consider as directors e...

The purpose of this work program—focused on access to programs and data—is to outline the IT general controls to be test...