Sarbanes-Oxley Act

The following 220 items are listed by Content Data.
Guides

Guide to Implementing a Self-Assessment Program

In this tool, we have included three guides that outline the best-practice elements and processes related to developing ...
Mon, Nov 21, 2022
Methodologies & Models

Sarbanes-Oxley Project-to-Process Capability Maturity Model (CMM)

This capability maturity model includes the six elements of infrastructure focused on Sarbanes-Oxley project-to-process ...
Subscriber Content
Mon, Oct 3, 2022
Methodologies & Models

Sarbanes-Oxley Year-One Capability Maturity Model (CMM)

This capability maturity model includes the six elements of infrastructure focused on Sarbanes-Oxley year-one compliance...
Subscriber Content
Mon, Sep 26, 2022
Checklists & Questionnaires

Disclosure Controls Questionnaire

Use the questions included in this tool to ensure compliance regarding the public disclosure of management's assessment ...
Mon, Sep 19, 2022
Articles

SOX 404 Disclosures: An Eighteen-Year Review

Audit Analytics takes a closer look at trends in internal controls over financial reporting disclosures, spanning from f...
Mon, Sep 5, 2022
Checklists & Questionnaires

System Implementation Process Questionnaire

The questions included in this tool can be applied to the implementation of new systems or major upgrades.
Mon, Sep 5, 2022
Methodologies & Models

Six Elements of Infrastructure for Data Analytics

This sample document includes the six elements of infrastructure for an organization's data analytics process.
Subscriber Content
Mon, Aug 29, 2022
Checklists & Questionnaires

Sarbanes-Oxley Process Walkthrough Questionnaire

This tool contains two sample questionnaires that provide guidance to business units in the performance of walk-throughs...
Mon, Aug 22, 2022
Policies & Procedures

Fraud Policy

This document includes three sample policies that facilitate the development of controls that will aid in the detection ...
Subscriber Content
Mon, Aug 8, 2022
Benchmarking Reports

2022 Sarbanes-Oxley Compliance Survey

The 2022 edition of Protiviti's annual SOX report shows that costs and hours continue to increase across most, if not al...
Subscriber Content
Mon, Jul 25, 2022
Checklists & Questionnaires

Internal Audit Re-Engineering Questionnaire

This tool contains two sample documents that outline questions internal auditors should ask when evaluating the organiza...
Subscriber Content
Mon, Jul 25, 2022
Requests for Proposals - RFPs

Request for Proposal: Sarbanes-Oxley Compliance

This tool contains two sample requests for proposals (RFPs) that can be used by organizations seeking a qualified servic...
Subscriber Content
Mon, May 30, 2022
Checklists & Questionnaires

Project Management Office (PMO) Questionnaire

The questions included in this tool can be used to evaluate your project management office (PMO) functionality and proce...
Subscriber Content
Mon, May 16, 2022
Memos

Sarbanes-Oxley (SOX) Project Approach Memo

This tool contains two sample memos that serve as a report of an internal audit function’s high-level assessment of the ...
Subscriber Content
Mon, Mar 21, 2022
Audit Programs

External Financial Reporting Audit Work Program

This audit program can be used by organizations to evaluate the operating effectiveness of internal controls associated ...
Subscriber Content
Mon, Mar 14, 2022
Checklists & Questionnaires

Corporate Governance Compliance Questionnaire

The two sample questionnaires in this document focus on what boards and management should do as they work to improve cor...
Subscriber Content
Mon, Nov 29, 2021
Checklists & Questionnaires

Disclosure Committee Questionnaire

Use the questions included in this tool to ensure that all necessary quarterly financial reporting disclosures are addre...
Subscriber Content
Mon, Nov 29, 2021
Checklists & Questionnaires

Site Planning and Review Checklist

This sample checklist serves as a working document that can be used by auditors to determine whether all site visit task...
Subscriber Content
Mon, Nov 8, 2021
Articles

Impacts of COVID-19 on Public Companies

Audit Analytics looks at the pandemic’s impacts on certain aspects of financial reporting and financial health metrics o...
Subscriber Content
Mon, Oct 18, 2021
Guides

Sarbanes-Oxley Compliance and Disclosure Timeline Guide

This sample document can be used as a general guide to help companies comply with the Sarbanes-Oxley Act of 2002 pursuan...
Subscriber Content
Mon, Oct 18, 2021
Articles

AQRM Red Flags: Financial Reporting

In this article, Audit Analytics breaks down the risks associated with specific firm-level events included in the Accoun...
Subscriber Content
Mon, Oct 4, 2021
Performer Profiles

Unum Group: Pivoting to Respond to Change While Positioning for the Future

In this profile, Unum Senior Vice President of Internal Audit Miles Archer explains how his team has navigated pandemic-...
Subscriber Content
Mon, Sep 27, 2021
Charters

Corporate Audit Department Charter

This tool contains six sample charters that outline the mission statement, objectives, responsibilities and services of ...
Subscriber Content
Mon, Sep 20, 2021
Guides

Sarbanes-Oxley Compliance Committee Structure Guide

This guide discusses the duties, composition, structure and interrelationships of the disclosure committee that needs to...
Subscriber Content
Mon, Sep 20, 2021
Research Reports

Growing Number of ICFR Issues Following IPO

In this exclusive report, Audit Analytics explores trends in companies reporting internal control deficiencies immediate...
Subscriber Content
Mon, Sep 13, 2021
Articles

AQRM Red Flags: Controls

Audit Analytics examines the red flag events concerning a company’s control environment, including control weaknesses, l...
Subscriber Content
Mon, Sep 6, 2021
Checklists & Questionnaires

Complaint Reporting Process Questionnaire

This questionnaire focuses on issues that audit committees and management should consider as they collaborate to comply ...
Subscriber Content
Mon, Sep 6, 2021
Checklists & Questionnaires

Sarbanes-Oxley Compliance and Reporting Strategy Questionnaire

This tool outlines questions to consider when preparing an organization’s Sarbanes-Oxley (SOX) compliance and reporting ...
Subscriber Content
Mon, Aug 30, 2021
Articles

Initial Public Offerings: Recent Trends in Corporate Governance Risks

Audit Analytics takes a deeper look at the risks that initial public offerings pose to investors, regulators and other f...
Subscriber Content
Mon, Aug 23, 2021
Performer Profiles

Booking Holdings: Navigating a Global Crisis With a Resilience Mindset

In this profile, Booking Holdings Senior Vice President and Chief Audit Officer Marco Rozenberg describes his team’s int...
Subscriber Content
Mon, Aug 16, 2021
Audit Reports

Enterprise Resource Planning Upgrade Audit Report

Auditors can use this audit report template for conducting and documenting the results of an enterprise resource plannin...
Subscriber Content
Mon, Aug 9, 2021
Articles

SOX Compliance Under COVID-19: Considerations for Completing Quarterly Assessments

In this article, we provide a brief reminder on guidance and disclosure requirements, highlight current SEC insights and...
Subscriber Content
Mon, Aug 9, 2021
Checklists & Questionnaires

Sarbanes-Oxley Policy Evaluation Checklist

This tool provides points to consider when conducting an organization’s Sarbanes-Oxley (SOX) policy evaluation.
Subscriber Content
Mon, Aug 2, 2021
Checklists & Questionnaires

Tax Compliance Process Internal Control Questionnaire

This sample questionnaire can be used to assess the internal controls related to a company’s tax compliance process.
Subscriber Content
Mon, Jul 26, 2021
Benchmarking Reports

2021 Sarbanes-Oxley Compliance Survey

The 2021 edition of Protiviti's annual SOX report explains some of the changes SOX compliance practices have faced post-...
Subscriber Content
Mon, Jul 19, 2021
Articles

SEC Enforcement Actions Reveal Continuing Importance of Accurate Disclosures

Audit Analytics examines the recent increase in the amount of enforcement actions citing false and/or misleading stateme...
Subscriber Content
Mon, Jul 19, 2021
Checklists & Questionnaires

​Sarbanes-Oxley Testing Documentation Questionnaire

This tool includes questions to consider when documenting Sarbanes-Oxley (SOX) testing procedures, results and recommend...
Subscriber Content
Mon, Jul 19, 2021
Articles

Internal Controls Planning as Organizations Contemplate a Return to the Office

In this article, we cover three categories of control changes that companies should consider as they plan to resume in-p...
Subscriber Content
Mon, Jul 5, 2021
Charters

Board of Directors Authorization Charter

This sample establishes guidelines and responsibilities for developing a board of directors authorization charter.
Subscriber Content
Mon, Jun 28, 2021
Job Descriptions

Sarbanes-Oxley (SOX) Coordinator Job Description

This job description sample outlines the responsibilities, key selection criteria and general information for the role o...
Subscriber Content
Mon, Jun 14, 2021
Job Descriptions

Vice President, Internal Audit/Chief Audit Executive Job Description

This sample job description summarizes the responsibilities, key selection criteria and general information for the role...
Subscriber Content
Mon, Jun 7, 2021
Articles

A Farewell to Paul Sarbanes

Protiviti Managing Director Jim DeLoach honors Paul Sarbanes and highlights his efforts to protect investors and create ...
Subscriber Content
Mon, May 31, 2021
Articles

SPACs Spotlight: Filings Trend Meets Fine Print in Latest SEC Statement

In this article, we examine what was buried in the footnotes of the SEC's latest Division of Corporation Finance stateme...
Subscriber Content
Mon, May 10, 2021
Policies & Procedures

Data Classification Standard Policy

This sample policy can be used by auditors to ensure that all of the organization’s classified information is properly i...
Subscriber Content
Mon, Mar 15, 2021
Performer Profiles

Salesforce: V2MOM and Setting a Vision for Salesforce Audit

In this profile, Art Perez, senior vice president and audit executive at Salesforce, explains the V2MOM planning process...
Subscriber Content
Mon, Feb 22, 2021
Performer Profiles

Starbucks Coffee Company: Brewing Up a Balanced Blend of Innovation, Productivity and Future-Focused Capabilities

In this profile, Starbucks Vice President and Chief Audit Executive Randa Saleh shares how her team leverages data analy...
Subscriber Content
Mon, Feb 15, 2021
Articles

A Look Back at 2020

Audit Analytics shares some of its most popular articles and topics from 2020.
Subscriber Content
Mon, Feb 8, 2021
Articles

SOX Compliance Under COVID-19: The Show Must Go On (Part 1)

Part one of this two-part discussion uncovers the challenges of maintaining the full rigor of internal control requireme...
Subscriber Content
Mon, Dec 21, 2020
Checklists & Questionnaires

Evaluation of Control Deficiencies Questionnaire

This sample questionnaire can be used by auditors to efficiently assess and classify an organization’s control deficienc...
Subscriber Content
Mon, Dec 14, 2020
Audit Reports

Sarbanes-Oxley Section 404 Status Report

This document includes two sample reports that can be used to communicate the results of a Sarbanes-Oxley Section 404 re...
Subscriber Content
Mon, Dec 14, 2020
Articles

SOX 404 Disclosures: A Sixteen-Year Review

Audit Analytics examines the trends in Section 404 disclosures over a sixteen-year period, considering both auditor atte...
Subscriber Content
Mon, Dec 7, 2020
Checklists & Questionnaires

​Internal Control Structure Validation Questionnaire

This tool features questions to consider for verifying an organization’s internal controls over financial reporting (ICF...
Subscriber Content
Mon, Dec 7, 2020
Checklists & Questionnaires

Identity Management Tool Questionnaire

The questions provided in this tool can help organizations manage their security and privacy concerns specific to identi...
Subscriber Content
Mon, Nov 9, 2020
Audit Reports

Risk Assessment Audit Report

This tool includes two sample audit reports that outline steps an audit department should take when conducting a risk as...
Subscriber Content
Mon, Nov 9, 2020
Articles

SOX Compliance: Consider COVID-19 Impact on Management Review Control Execution

This article outlines steps to consider as you prepare your control documentation along with some specific assumption co...
Subscriber Content
Mon, Nov 9, 2020
Checklists & Questionnaires

Process-Based Self-Assessment Request Questionnaire

This tool contains questions and best practices to consider when implementing and/or evaluating an organization’s proces...
Subscriber Content
Mon, Nov 2, 2020
Checklists & Questionnaires

Vendor Assessment Questionnaire

This tool offers vendor assessment report questions to consider for enhancing outsourced operations common to Sarbanes-O...
Subscriber Content
Mon, Nov 2, 2020
Charters

Audit Committee Charter

This document contains nine samples that provide guidelines and standards for creating an audit committee charter.
Subscriber Content
Mon, Oct 19, 2020
Checklists & Questionnaires

Effective Internal Controls Over Financial Reporting (ICFR) Testing Questionnaire

This tool outlines best practices and questions to consider when documenting the summary and results of ICFR testing.
Subscriber Content
Mon, Oct 19, 2020
Checklists & Questionnaires

Process Owner Accountability Questionnaire

This tool provides an overview and description of process owner accountability and responsibility for testing operationa...
Subscriber Content
Mon, Oct 19, 2020
Checklists & Questionnaires

Process-Level Analytics Questionnaire

This sample questionnaire explains the benefits of using analytics tools to monitor and enhance process-level monitoring...
Subscriber Content
Mon, Oct 12, 2020
Audit Reports

Audit Committee Report — Internal Audit Update

This tool contains two sample reports that can be used by auditors for evaluating and improving the audit committee’s in...
Subscriber Content
Mon, Oct 5, 2020
Checklists & Questionnaires

Internal Controls Over Financial Reporting (ICFR) Deficiencies Questionnaire

This tool highlights questions to consider for understanding and assessing internal control over financial reporting (IC...
Subscriber Content
Mon, Oct 5, 2020
Checklists & Questionnaires

Risk Tracking and Exception Reporting Questionnaire

This tool highlights questions organizations should consider for efficiently tracking reports and reporting exceptions.
Subscriber Content
Mon, Oct 5, 2020
Checklists & Questionnaires

Configurable Application Controls Questionnaire

This sample questionnaire uses configuration tools to evaluate and improve an organization's configurable application co...
Subscriber Content
Mon, Aug 24, 2020
Checklists & Questionnaires

Standardized Testing Program Questionnaire

This tool can be used to gain a better understanding of common SOX standardized testing risks and to develop a standard ...
Subscriber Content
Mon, Aug 17, 2020
Checklists & Questionnaires

Spreadsheet Risk Optimization Questionnaire

This questionnaire outlines the process to identify who manages critical spreadsheets within an organization and identif...
Subscriber Content
Mon, Aug 10, 2020
Benchmarking Reports

2020 Sarbanes-Oxley Compliance Survey

The 2020 edition of Protiviti's annual SOX report explains some of the changes SOX compliance practices have faced since...
Subscriber Content
Mon, Jul 20, 2020
Charters

Nominating and Governance Committee Charter

This document contains four samples that provide guidelines for creating a nominating and corporate governance charter.
Subscriber Content
Mon, Jul 6, 2020
Performer Profiles

Occidental Petroleum Corporation: Drilling Down on Data

In this profile, Occidental Vice President of Internal Audit Gary Daugherty describes his team’s first steps to becoming...
Subscriber Content
Mon, Jun 22, 2020
Policies & Procedures

Finance End-User Computing Policy

This document contains two sample policies that provide guidelines and procedures for reviewing an organization’s financ...
Subscriber Content
Mon, Jun 15, 2020
Articles

SOX Risk Assessment in the Time of COVID-19

This article discusses six key considerations a company should take when performing its Sarbanes-Oxley (SOX) risk assess...
Subscriber Content
Mon, May 25, 2020
Articles

SOC Reports: Anticipating Challenges Can Help Minimize Disruption of SOX Compliance Programs

This article outlines a list of practical steps that companies can take to get ahead of the delay in SOC reports from se...
Subscriber Content
Mon, May 18, 2020
Policies & Procedures

Internal Disclosure Certification Process Policy

This policy documents the internal disclosure certification process, which is designed to provide comfort to the executi...
Subscriber Content
Mon, Mar 9, 2020
Articles

SOX Compliance: Faster Automation, Fewer Controls and How to Get There

This article reviews what parts of Sarbanes-Oxley (SOX) compliance can benefit from automation and provides credible rec...
Subscriber Content
Mon, Jan 20, 2020
Methodologies & Models

Protiviti's Sarbanes-Oxley Section 404 Compliance Initiatives Methodology

This tool provides an overview of an organization’s Sarbanes-Oxley (SOX) Section 404 compliance process and illustrates ...
Subscriber Content
Mon, Dec 30, 2019
Articles

What Investors Need to Know About Audits

In this article, Audit Analytics evaluates the state of today’s audit process by looking at four areas of financial repo...
Subscriber Content
Mon, Dec 30, 2019
Audit Programs

Database Audit Work Program

This sample audit program lists various security, change management and monitoring control activities and audit procedur...
Subscriber Content
Mon, Nov 25, 2019
Articles

SOX Control Awareness and Communication Is One Way Organizations Can Help Reduce Costs and Hours

This article outlines some communication techniques organizations can use to reduce the total number of hours spent on S...
Subscriber Content
Mon, Nov 25, 2019
Methodologies & Models

Business Continuity Management Methodology

This tool highlights seven phases of the business continuity management methodology, describing its benefits and the Pro...
Subscriber Content
Mon, Nov 11, 2019
Checklists & Questionnaires

Human Resources Internal Controls Questionnaire

This questionnaire can be used as a checklist of the basic controls for Sections 302 and 404 of the Sarbanes-Oxley Act. ...
Subscriber Content
Mon, Nov 4, 2019
Guides

Standardizing Documentation for Internal Controls Guide

This presentation serves as a guide to achieving standardization for internal control documentation.
Subscriber Content
Mon, Oct 28, 2019
Articles

Technology-Enabled SOX Compliance: Continuing the Discussion

This article shares some of the key takeaways from Protiviti’s recent SOX compliance webinar, building on the findings o...
Subscriber Content
Mon, Oct 28, 2019
Guides

Sarbanes-Oxley Section 404: Report Testing Methodology Guide

This presentation serves as a guide to train SOX project teams on testing reports that are used during the financial rep...
Subscriber Content
Mon, Oct 21, 2019
Audit Reports

Segregation of Duties Review Report

This sample report focuses on a project's final deliverables, including a project overview, remediation road map, rollou...
Subscriber Content
Mon, Oct 21, 2019
Articles

Evolution of SOX 404 Disclosures for EGCs

In this article, Audit Analytics analyzes SOX 404 disclosures as the target of those seeking to introduce further regula...
Subscriber Content
Mon, Oct 14, 2019
Guides

Documenting Processes and Controls for Sarbanes-Oxley Guide

This guide is designed to help organizations establish consistent and thorough Sarbanes-Oxley documentation standards.
Subscriber Content
Mon, Oct 7, 2019
Guides

Sarbanes-Oxley Roles and Responsibilities Guide

This sample guide can be used to understand the roles and responsibilities of team members involved in Sarbanes-Oxley (S...
Subscriber Content
Mon, Oct 7, 2019
Checklists & Questionnaires

Data Center General Controls Questionnaire

This sample questionnaire can be used to measure the processes associated with an organization’s mainframe data center g...
Subscriber Content
Mon, Sep 30, 2019
Articles

Compliance 2.0: Transforming SOX Practices With Technology

This article describes a new technology-driven SOX model, SOX compliance 2.0, and its ability to encourage innovative th...
Subscriber Content
Mon, Sep 23, 2019
Guides

Process and Activity-Level Controls Assessment Guide

This sample document can be used as a guide to assessing controls at the process or activity level.
Subscriber Content
Mon, Sep 23, 2019
Guides

Sarbanes-Oxley 404 Compliance Project Testing and Documentation Standards Guide

This guide can be used by Sarbanes-Oxley project teams to test Section 404 key controls and document the testing results...
Subscriber Content
Mon, Sep 23, 2019
Articles

Cyber Risks Drawing Increased Scrutiny in Public Company Transition

In this article, Protiviti Managing Directors Nicholas Spinks and David Taylor explain how important it is to sharpen th...
Subscriber Content
Mon, Sep 16, 2019
Guides

Sarbanes-Oxley Auditor Walkthrough Guide

This sample document can be used as a guide to help prepare company personnel for the walkthrough process related to Sar...
Subscriber Content
Mon, Sep 16, 2019
Articles

SOX Compliance Survey: One Decade of Insights

This article highlights a decade of SOX compliance efforts documented in Protiviti’s annual Sarbanes-Oxley Compliance su...
Subscriber Content
Mon, Sep 16, 2019
Audit Reports

Tax Compliance Process Report

This sample audit report outlines the business process related to tax compliance and provides tips to help a Sarbanes-Ox...
Subscriber Content
Mon, Sep 16, 2019
Guides

Sarbanes-Oxley Section 404 Compliance Guide

This sample document can be used as a guide for establishing an organization’s framework and standard policy for complia...
Subscriber Content
Mon, Sep 9, 2019
Checklists & Questionnaires

Public Company Readiness Questionnaire

This questionnaire focuses on certain aspects of the IPO preparation process and specific areas management should addres...
Subscriber Content
Mon, Aug 19, 2019
Checklists & Questionnaires

IT General Controls Questionnaire

This sample questionnaire provides several COBIT areas and related control objectives for each IT general control.
Subscriber Content
Mon, Aug 12, 2019
Checklists & Questionnaires

IT Risks and Controls SOX Compliance Questionnaire

This sample questionnaire can be used by management and board members to help determine where controls over information ...
Subscriber Content
Mon, Aug 12, 2019
Guides

Control Gap Remediation Methodology Training Guide

This guide provides Sarbanes-Oxley project teams with the steps they need to take to identify control gaps and implement...
Subscriber Content
Mon, Aug 5, 2019
Checklists & Questionnaires

Entity-Level Controls Fraud Questionnaire

This sample includes a list of questions to consider while checking an organization’s entity-level controls for fraud.
Subscriber Content
Mon, Aug 5, 2019
Checklists & Questionnaires

Code of Conduct Questionnaire

One constant for success in a rapidly changing global marketplace is the immutable bedrock of an unwavering commitment t...
Subscriber Content
Mon, Jul 29, 2019
Guides

Control Testing Responsibility Guide

This guide outlines the Sarbanes-Oxley responsibility assignments and testing process for primary manual controls.
Subscriber Content
Mon, Jul 29, 2019
Guides

Guidance for Documenting Test Results: Sarbanes-Oxley Section 404

This guide outlines steps to complete when documenting SOX Section 404 test results.
Subscriber Content
Mon, Jul 22, 2019
Guides

Sarbanes-Oxley Section 404 Committee Guide: Description and Relationships

This guide provides a detailed overview of the Sarbanes-Oxley Section 404 compliance steering committee's composition, f...
Subscriber Content
Mon, Jul 15, 2019
Checklists & Questionnaires

Inventory Management Process Controls Questionnaire

This sample questionnaire includes a list of items to consider when reviewing an organization’s inventory management pro...
Subscriber Content
Mon, Jul 8, 2019
Checklists & Questionnaires

Treasury Process Controls Questionnaire

This sample questionnaire includes a list of items to consider when reviewing an organization’s treasury process control...
Subscriber Content
Mon, Jul 8, 2019
Benchmarking Reports

2019 Sarbanes-Oxley Compliance Survey

This report describes how several emerging SOX compliance practices are growing and how the cost, hours and control coun...
Subscriber Content
Mon, Jul 1, 2019
Checklists & Questionnaires

Revenue Process Controls Questionnaire

This sample questionnaire includes a list of items to consider when reviewing an organization’s revenue process controls...
Subscriber Content
Mon, Jul 1, 2019
Checklists & Questionnaires

Exception Evaluation Questionnaire: Individual Process/Transaction-Level Controls

This sample questionnaire can be used to document and analyze exceptions identified during individual process/transactio...
Subscriber Content
Mon, Jun 24, 2019
Checklists & Questionnaires

Expenditure Process Controls Questionnaire

This sample questionnaire includes a list of items to consider when reviewing an organization's expenditure process cont...
Subscriber Content
Mon, Jun 24, 2019
Checklists & Questionnaires

Fixed Assets Process Controls Questionnaire

This sample questionnaire includes a list of items to consider when reviewing an organization’s fixed asset process cont...
Subscriber Content
Mon, Jun 24, 2019
Checklists & Questionnaires

Sarbanes-Oxley Section 404 Audit Committee Questionnaire

This document is designed for companies that have already complied with Sarbanes-Oxley Section 404 for at least one year...
Subscriber Content
Mon, Jun 24, 2019
Guides

SOX Training Guide: Remediation Efforts and Needs

An important part of complying with Sarbanes-Oxley (SOX) Section 404 is ensuring that control deficiencies are accuratel...
Subscriber Content
Mon, Jun 24, 2019
Checklists & Questionnaires

Entity-Level Control Environment Questionnaire

This questionnaire template provides a number of COSO elements and the related control objectives for entity-level contr...
Subscriber Content
Mon, Jun 17, 2019
Checklists & Questionnaires

Entity-Level Controls Information and Communication Questionnaire

This questionnaire template provides a number of COSO elements and their related control objectives for entity-level con...
Subscriber Content
Mon, May 27, 2019
Checklists & Questionnaires

Entity-Level Controls Risk Assessment Questionnaire

The objective of this questionnaire is to assess a number of COSO elements and the related objectives for entity-level c...
Subscriber Content
Mon, May 27, 2019
Checklists & Questionnaires

Sarbanes-Oxley Section 302 Diagnostic Survey

This tool helps an organization assess how well it complies with various Sarbanes-Oxley Section 302 activities.
Subscriber Content
Mon, May 27, 2019
Audit Reports

Sarbanes-Oxley Year-End Audit Committee Report

This sample report to the audit committee focuses on the progress of an organization's Sarbanes-Oxley Section 404 progra...
Subscriber Content
Mon, Apr 29, 2019
Checklists & Questionnaires

Anti-Fraud Program Evaluation Questionnaire

This document focuses on key questions for board members and management when evaluating an organization's anti-fraud pro...
Subscriber Content
Mon, Apr 8, 2019
Articles

Building Bot Boundaries: RPA Controls in SOX Systems

This article examines some of the SOX compliance challenges that may result from an RPA implementation and how to avoid ...
Subscriber Content
Mon, Apr 1, 2019
Checklists & Questionnaires

Process Integration Checklist

This checklist can be used to facilitate the division of a merging company’s subsidiaries and to evaluate the divisions’...
Subscriber Content
Mon, Apr 1, 2019
Checklists & Questionnaires

Accounts Payable Internal Controls Questionnaire

This tool features questions to consider for performing a control self-assessment of an organization’s accounts payable ...
Subscriber Content
Mon, Mar 4, 2019
Checklists & Questionnaires

Acquisition Closing Checklist

The purpose of this checklist is to document the activities performed as part of an organization's acquisitions/new busi...
Subscriber Content
Mon, Feb 25, 2019
Articles

Protiviti Survey Measures SOX Automation, Costs, Hours and More

Learn more about some of the standout Sarbanes-Oxley compliance trends for 2019 in this article, which summarizes key re...
Subscriber Content
Mon, Feb 18, 2019
Guides

Financial Statement Risk Assessment Guide

This guide provides a detailed overview of key steps to the financial statement risk assessment process, which includes ...
Subscriber Content
Mon, Feb 11, 2019
Requests for Proposals - RFPs

Request for Proposal: Internal Audit Services and Sarbanes-Oxley Regulatory Compliance

This sample request for proposal for co-sourcing internal audit and Sarbanes-Oxley compliance services provides a variet...
Subscriber Content
Mon, Feb 11, 2019
Audit Reports

IT Risks and Controls Review Report

The objective of this audit report is to reduce the volume of controls across applications, infrastructure and IT proces...
Subscriber Content
Mon, Nov 5, 2018
Audit Reports

Entity-Level Fraud Risk Assessment Process Report

This sample fraud risk assessment report provides an overview of the process one company undertook to satisfy the requir...
Subscriber Content
Mon, Oct 22, 2018
Checklists & Questionnaires

IT Application Control Deficiency Decision Process Questionnaire

This sample helps to determine the severity of any deficiencies cited during the control testing process.
Subscriber Content
Mon, Oct 1, 2018
Articles

SEC Amends Smaller Reporting Company Thresholds: A Closer Look

In this article, Protiviti’s Charles Soranno takes a closer look at a recent Flash Report on the Securities and Exchange...
Subscriber Content
Mon, Oct 1, 2018
Protiviti Booklets

Guide to Public Company Transformation

This guidance, now in its fourth edition, is designed to serve as a convenient and user-friendly resource that executive...
Subscriber Content
Mon, Sep 24, 2018
Checklists & Questionnaires

IT Infrastructure Control Deficiency Decision Questionnaire

This sample questionnaire helps to determine the severity of any deficiencies cited during the control testing process.
Subscriber Content
Mon, Sep 24, 2018
Articles

SEC Updates Disclosure Requirements

This article details recent Securities and Exchange Commission (SEC) amendments and describes how the SEC is implementin...
Subscriber Content
Mon, Sep 10, 2018
Articles

2018 SOX Survey: Benchmarking Compliance Costs

In this article, Protiviti Managing Director Keith Kawashima breaks down some of the notable trends from the 2018 SOX su...
Subscriber Content
Mon, Sep 3, 2018
Benchmarking Reports

2018 Sarbanes-Oxley Compliance Survey

This report discusses how changes continue to influence SOX compliance efforts, but the areas of most significant concer...
Subscriber Content
Mon, Aug 27, 2018
Audit Reports

Quarterly Compliance Assessment Audit Report

The purpose of this report is to document internal audit’s quarterly assessment of compliance policies and procedures an...
Subscriber Content
Mon, Aug 13, 2018
Memos

SOX IT Testing Planning Memo

This memo captures details for SOX IT testing, including objectives, project scope, transaction types, key risks, coordi...
Subscriber Content
Mon, Aug 13, 2018
Guides

Facilitating SOX Compliance Using a Committee Structure Guide

This guide discusses the duties, composition, structure and interrelationships of the disclosure committee that needs to...
Subscriber Content
Mon, Jul 30, 2018
Guides

Internal Control Owner Training Guide

This guide provides an overview of the internal controls process, including objectives, implementation, timeline, owner ...
Subscriber Content
Mon, Jul 2, 2018
Checklists & Questionnaires

Update Testing: Control Self-Assessment Questionnaire

This questionnaire helps to assess if the controls are operating effectively within a business unit.
Subscriber Content
Mon, May 28, 2018
Guides

Sarbanes-Oxley Walkthrough Guidance for General IT Controls

This tool provides guidelines for a sarbanes-oxley walkthrough for general IT controls.
Subscriber Content
Mon, May 7, 2018
Sarbanes-Oxley CPE Courses

Documenting Processes and Internal Controls (KLplus CPE Course)

This course will give you a fundamental understanding of documenting processes and internal controls.
Mon, Apr 2, 2018
Articles

2018 Audit Committee Agenda: Financial Reporting Risks

Protiviti has identified eight audit committee agenda priorities for 2018, half of which focus on financial reporting ri...
Subscriber Content
Mon, Mar 19, 2018
Audit Reports

Pre-Year 1 SOX Roadmap Audit Report

This audit report summarizes the observations, recommendations, and related remediation prioritization for business and ...
Subscriber Content
Mon, Feb 19, 2018
Guides

Sarbanes-Oxley Program Implementation Guide

This guide provides procedures, checklists and summaries that can be used to implement changes within an organization’s ...
Subscriber Content
Mon, Jan 29, 2018
Audit Reports

Controls Monitoring Quarterly Assessment Report

This sample report details an internal audit department’s quarterly assessment of ongoing controls monitoring processes....
Subscriber Content
Mon, Jan 1, 2018
Policies & Procedures

Whistleblower Policy

This policy establishes standards and procedures to ensure that the accounting and audit-related complaint handling proc...
Subscriber Content
Fri, Dec 15, 2017
Policies & Procedures

Relationship with External Auditors Policy

This sample document sets out policies and procedures for the external audit of a company.
Subscriber Content
Mon, Nov 27, 2017
Guides

Assessing Risks and Internal Controls Guide

This presentation was developed to help with training process owners to assess risks and take responsibility for managin...
Subscriber Content
Mon, Nov 6, 2017
Audit Reports

IT Risk Assessment Audit Report

This risk assessment audit report outlines findings from a high-level IT risk assessment at a company.
Subscriber Content
Mon, Oct 23, 2017
Checklists & Questionnaires

Financial Close Process Controls Questionnaire

This tool provides insights on financial close process controls, including the control objectives for financial close ac...
Subscriber Content
Mon, Oct 9, 2017
Checklists & Questionnaires

IT General Controls Survey Questionnaire

This sample tool helps to map IT responses to various questions related to different IT general controls and related pro...
Subscriber Content
Mon, Oct 9, 2017
Policies & Procedures

Sarbanes-Oxley Section 404 Management Testing Plan Policy

This sample policy helps to summarize management’s approach to plan, organize, execute, document and support its assessm...
Subscriber Content
Mon, Sep 11, 2017
Sarbanes-Oxley CPE Courses

Using the COSO Internal Control Integrated Framework for Sarbanes-Oxley Compliance (KLplus CPE Course)

This basic-level course introduces COSO and the COSO Internal Control Integrated Framework and its five components.
Mon, Apr 17, 2017
Sarbanes-Oxley CPE Courses

Executive Certification: Understanding Sections 302 and 906 of the Sarbanes-Oxley Act of 2002 (KLplus CPE Course)

This is a basic-level course that provides an overview of Sections 302 and 906 and describes disclosure controls procedu...
Mon, Apr 10, 2017
Sarbanes-Oxley CPE Courses

Internal Control Over Financial Reporting: Understanding Section 404 of Sarbanes-Oxley (KLplus CPE Course)

This basic-level training provides an overview of Section 404 of the Sarbanes-Oxley Act of 2002.
Mon, Apr 10, 2017
Sarbanes-Oxley CPE Courses

Introduction to the Sarbanes-Oxley Act of 2002 (KLplus CPE Course)

This basic-level course provides a summary of the Sarbanes-Oxley Act and provides an overview of key sections.
Mon, Apr 3, 2017
Sarbanes-Oxley CPE Courses

Validating Operational Effectiveness (Testing of Controls) (KLplus CPE Course)

This basic-level course provides an overview of Sarbanes-Oxley Section 404 requirements for validating operational effec...
Mon, Apr 3, 2017
Checklists & Questionnaires

Payroll Process Controls Questionnaire

This sample questionnaire helps with evaluating the controls in an organization’s payroll process.
Subscriber Content
Mon, Mar 27, 2017
Policies & Procedures

Sarbanes-Oxley Section 404 Compliance Project Work Paper Standards and Guidelines: Policy and Procedures

The purpose of this document is to establish basic guidelines and standards for the preparation and review of work paper...
Subscriber Content
Mon, Mar 6, 2017
Process Flows

Financial Reporting Process Flow

This process flow focuses on the annual reporting on Form 10-K and quarterly reporting on Form 10-Q.
Subscriber Content
Mon, Oct 24, 2016
Memos

Internal Control Audit Instructions Memo

This memo documents instructions for reviewing and testing a company's internal control environment.
Subscriber Content
Mon, Sep 26, 2016
Memos

Sarbanes-Oxley Multiple Locations Scoping Memo

This memo outlines the analysis performed by a company to determine the scope of internal control documentation and test...
Subscriber Content
Mon, May 16, 2016
Memos

Sarbanes-Oxley Act Project Approach Memo

The purpose of this memo is to document management’s approach for the current financial year's Sarbanes-Oxley compliance...
Subscriber Content
Mon, May 2, 2016
Memos

Entity-Level Controls Memo

This memo outlines a process for reviewing entity-level controls.
Subscriber Content
Mon, Apr 4, 2016
Memos

Process-Level Documentation Requirements Memo

This memo describes the documentation requirements for each in-scope process related to Sarbanes-Oxley Section 404 compl...
Subscriber Content
Mon, Mar 21, 2016
Memos

Financial Elements and Business Process Prioritization Memo

This memo summarizes the customized models used to prioritize financial statement elements (FSE) and processes for Sarba...
Subscriber Content
Mon, Mar 14, 2016
Memos

Sarbanes-Oxley Testing Strategy Memo

This memo documents a company's high-level testing strategy for Sarbanes-Oxley compliance.
Subscriber Content
Mon, Mar 7, 2016
Memos

Sarbanes-Oxley Section 404 Project Conclusion Memo

This memo documents an organization’s approach to Sarbanes-Oxley Section 404 compliance and concluding results from the ...
Subscriber Content
Mon, Feb 29, 2016
Memos

SOX Year-End Update Testing Memo

This memo defines the process a company uses to update testing of internal controls for Sarbanes-Oxley compliance purpos...
Subscriber Content
Mon, Feb 22, 2016
Memos

Merger and Integration Memo

This memo outlines a project to document a company’s finance and accounting processes, as well as to identify the system...
Subscriber Content
Mon, Jan 18, 2016
Audit Programs

Access to Programs and Data Audit Work Program

The purpose of this work program—focused on access to programs and data—is to outline the IT general controls to be test...
Subscriber Content
Mon, Nov 2, 2015
Audit Programs

System Backup Review Audit Work Program

The purpose of this audit program is to review an organization’s system backup procedures.
Subscriber Content
Mon, Oct 26, 2015
Audit Programs

Sarbanes-Oxley Documentation Review Audit Work Program

The objective of this audit program is to ensure that Sarbanes-Oxley (SOX) Section 404 processes are documented to commu...
Subscriber Content
Mon, Oct 12, 2015
Audit Programs

Insurance Claims Review (Healthcare) Audit Work Program

This healthcare audit program is intended to assist in determining whether internal controls in the health insurance cla...
Subscriber Content
Mon, Sep 28, 2015
Audit Programs

Program Changes Audit Work Program

This audit program focuses on auditing program change controls.
Subscriber Content
Mon, Aug 17, 2015
Audit Programs

End-User Computing Audit Work Program

This work program focuses on auditing end-user computing, specifically concentrating on identifying the IT controls to b...
Subscriber Content
Mon, Mar 16, 2015
Newsletters

COSO 2013: Why Should You Care?

This issue of Board Perspectives: Risk Oversight outlines six reasons why board members should care about the updated CO...
Subscriber Content
Mon, Aug 11, 2014
Protiviti Booklets

The Updated COSO Internal Control Framework

In this booklet, we address various questions regarding the New Framework from COSO, including the reasons why it was up...
Subscriber Content
Mon, Apr 28, 2014
Protiviti Booklets

The Updated COSO Internal Control Framework FAQ: Table of Contents

This table of contents and FAQ list is a reference for the Updated COSO Internal Control Framework FAQ.
Subscriber Content
Mon, Apr 28, 2014
Guides

COSO Internal Controls Guide: Integrated Framework

COSO's 2013 Internal Control–Integrated Framework (Framework) is expected to help organizations design and implement int...
Subscriber Content
Mon, Aug 26, 2013
Newsletters

Updated COSO Internal Control Framework: Frequently Asked Questions

In this issue of The Bulletin, we address various questions regarding the new COSO framework.
Subscriber Content
Mon, May 27, 2013
Guides

Internal Control Strategy Communication Guide

This guide outlines an example process to facilitate and communicate changes necessary to strengthen an organization’s i...
Subscriber Content
Mon, Feb 18, 2013
Protiviti Booklets

Guide to the Sarbanes-Oxley Act: IT Risks and Controls

In this booklet, we provide guidance to Section 404 compliance project teams on the consideration of information technol...
Subscriber Content
Mon, Dec 17, 2012
Policies & Procedures

Control Transition Policy

This policy establishes procedures to ensure the continued integrity of a company’s internal controls system.
Subscriber Content
Mon, Jul 30, 2012
Process Flows

SOX Process Flow: High-Level Methodology

This process flow documents a high-level methodology for Sarbanes-Oxley compliance.
Subscriber Content
Mon, Jul 30, 2012
Policies & Procedures

New Disclosures Policy

This policy is intended to facilitate the early detection and disclosure of reportable items to the SEC and to improve t...
Subscriber Content
Mon, Apr 23, 2012
Checklists & Questionnaires

Executive Certifications Questionnaire: Same Responsibilities, Higher Stakes

Executive management has always been responsible for the quality and fairness of public reporting. However, under The Sa...
Subscriber Content
Mon, Aug 30, 2010
Newsletters

Setting the 2009 Audit Committee Agenda

This issue of The Bulletin provides observations and ideas for board members to consider as they get through the trying ...
Subscriber Content
Mon, Mar 2, 2009
Newsletters

The SEC’s New Guidance on Section 404: What It Means to You

In May, the Securities and Exchange Commission (SEC) approved its interpretive guidance to management on implementing Se...
Subscriber Content
Mon, Jul 23, 2007
Newsletters

Protecting Enterprise Value Through Your Anti-Fraud Program

What is an anti-fraud program? How should companies evaluate their anti-fraud programs? In this issue of The Bulletin, w...
Subscriber Content
Mon, Dec 18, 2006
Newsletters

Section 404 Compliance: Lessons Learned for the Next 12 Months

In this issue of The Bulletin, we articulate seven lessons for improving Section 404 assessment and compliance processes...
Subscriber Content
Mon, Sep 25, 2006
Protiviti Booklets

Guide to the Sarbanes-Oxley Act

The questions answered in this booklet have risen in our discussions with clients and others in the marketplace who freq...
Subscriber Content
Mon, Jun 5, 2006
Newsletters

Enterprise Risk Management: Practical Implementation Advice

What leaves many cold on the subject of ERM is the inability to quickly grasp what it is. This issue of The Bulletin add...
Subscriber Content
Mon, Feb 27, 2006
Newsletters

Section 404 Compliance: Planning for Next Year

This issue of The Bulletin focuses on some of the opportunities companies should consider as they plan for Year Three of...
Subscriber Content
Mon, Nov 21, 2005
Protiviti Booklets

Frequently Asked Questions Regarding Compliance with OMB Circular A-123

In this booklet, we answer questions about complying with OMB Circular A-123.
Subscriber Content
Mon, Oct 24, 2005
Newsletters

Wanted: A Cost-Effective Approach to Validating Performance of the Internal Control Structure

This issue of The Bulletin addresses the importance of integrating self-assessment, entity-level monitoring, and indepen...
Subscriber Content
Thu, Aug 25, 2005
Newsletters

Achieve Sustainability by Integrating the Section 404 and Section 302 Compliance Process

In this issue of The Bulletin, we focus on strategies for integrating compliance activities around Sections 302 and 404 ...
Subscriber Content
Mon, Apr 4, 2005
Newsletters

Driving Value Out of the Section 404 Compliance Process

In this issue of The Bulletin, we incorporate insights and lessons learned regarding finance processes and show how valu...
Subscriber Content
Mon, Mar 14, 2005
Newsletters

The Self-Assessment Process: Management’s Tool for Reinforcing Process Owner Accountability

In this issue of The Bulletin, we discuss the self-assessment process and how one can be implemented to reinforce proces...
Subscriber Content
Mon, Jan 31, 2005
Newsletters

Building Upon Section 404 Compliance: Moving Beyond Year One

In this issue of The Bulletin, we outline imperative steps for certifying officers to take to demonstrate care in reinfo...
Subscriber Content
Mon, Jul 26, 2004
Newsletters

Establishing an Effective Complaint and Confidential, Anonymous Reporting Process

In this edition of The Bulletin, we address the issues that audit committees and management should consider as they coll...
Subscriber Content
Mon, Feb 2, 2004
Newsletters

Technology Risks and Controls: What You Need to Know

In this issue of The Bulletin, we focus on the relevance of IT risks and controls to a company’s meeting the internal co...
Subscriber Content
Mon, Jan 19, 2004
Newsletters

The Expanded Responsibilities of the Audit Committee: A New Mandate

This issue of The Bulletin explores the new requirements of audit committees and their implications, and suggests six ke...
Subscriber Content
Mon, Dec 1, 2003
Newsletters

Internal Control Over Financial Reporting: An Update on Section 404 of Sarbanes-Oxley

The SEC released its final rules in June 2003 regarding Section 404, making time an asset rather than a liability. This ...
Subscriber Content
Mon, Aug 25, 2003
Protiviti Booklets

Capitalizing on Sarbanes-Oxley Compliance to Build Supply Chain Advantage

This booklet, co-produced by Protiviti and APICS, details how the Sarbanes-Oxley Act (SOX) has a complementary impact on...
Subscriber Content
Mon, Jun 23, 2003
Newsletters

Strengthening Governance Through Risk Management

This issue of The Bulletin provides five comprehensive recommendations for strengthening governance through improved ris...
Subscriber Content
Mon, Jun 2, 2003
Newsletters

Internal Controls Over Financial Reporting: Understanding Section 404 of Sarbanes-Oxley

In this issue of The Bulletin, we address in detail Section 404, a provision of SOX that is certain to garner the attent...
Subscriber Content
Mon, Mar 24, 2003
Newsletters

The Code of Conduct: Laying a Cornerstone for Effective Governance

In this issue of The Bulletin, we provide important steps for boards of directors and management to consider in designin...
Subscriber Content
Mon, Mar 3, 2003
Newsletters

Staying Focused on Core Business Issues Amid Corporate Governance Compliance

In this issue of The Bulletin, we cover the basics of corporate governance compliance.
Subscriber Content
Mon, Dec 23, 2002
Newsletters

Executive Certifications: Same Responsibilities, Higher Stakes

In this issue of The Bulletin, we answer several important questions regarding these new requirements.
Subscriber Content
Mon, Nov 18, 2002
Protiviti Booklets

FAQ: Sarbanes-Oxley Act Executive Certification Requirements

This booklet describes a major area of emphasis for many companies preparing to make their first filing subsequent to Au...
Subscriber Content
Mon, Oct 21, 2002
Newsletters

The Changing Corporate Governance Landscape and Its Implications

This issue of The Bulletin reviews examples of what the board of directors and management should do as they work to impr...
Subscriber Content
Mon, Oct 14, 2002
Newsletters

The Role of Personal Accountability in the New Environment

This issue of The Bulletin outlines seven key principles that provide a framework for establishing and reinforcing the p...
Subscriber Content
Mon, Sep 30, 2002
Blog

Comparing U.S. Sarbanes-Oxley with C-SOX (Bill 198) and J-SOX (FIE)

As a result of the infamous Enron and WorldCom scandals, the U.S. reacted with strict guidelines to re-esta...
Sun, Sep 10, 2017
Blog

Disclosure Controls and Procedures: Key Facts You Need to Know

The SEC introduced “disclosure controls and procedures” as a new term in its initial August 29, 2002, relea...
Thu, Feb 27, 2020
Sarbanes-Oxley CPE Courses

Introduction to the Sarbanes-Oxley Act of 2002 (KLplus FREE SAMPLE Course)

This sample KLplus course is intended to provide a preview of what you'll receive when you sign up for a full KLplus mem...
Newsletters

The Bulletin Newsletters

The Bulletin is a periodic newsletter from Protiviti offering detailed insights on corporate governance and related risk...