This sample policy outlines procedures to identify a company’s most critical business processes and support functions an...

The purpose of this risk management questionnaire is to help boards and management think about how they can develop a de...

Use this risk control matrix to strengthen your organization’s SDLC controls for effective risk management.

This memo focuses on IT SOX readiness procedures for an application, testing change management, computer operations and ...

This memo outlines minimum IT controls around user access, change control, backup, privacy, licenses and document retent...

This internal audit engagement memo informs an auditee of an upcoming audit and includes the objectives of the audit, pr...

This memo documents a company’s approach to administering and supervising internal audit work completed by department pe...

This audit work program focuses on computer operations and IT job scheduling. Audit objectives and test steps help deter...

This issue of Board Perspectives: Risk Oversight discusses current challenges and effective practices in the board’s ove...

This memo outlines an organization's remote location audit approach.

The purpose of this memo is to document management’s approach for the current financial year's Sarbanes-Oxley compliance...

This memo summarizes the customized models used to prioritize financial statement elements (FSE) and processes for Sarba...