The following 281 items are listed by Content Data.
Articles
Future of Sustainability and ESG Standards With Janine Guillot, Value Reporting Foundation CEO
Protiviti’s Bob Hirth and Value Reporting Foundation CEO Janine Guillot sat down to discuss the agenda of the ISSB and t...
Subscriber Content
Methodologies & Models
Merchandise Procurement Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s merchandise procurement process ...
Subscriber Content
Methodologies & Models
Revenue Process Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s revenue process and to assist it...
Subscriber Content
Methodologies & Models
Internal Controls Over Financial Reporting Compliance Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s compliance with internal control...
Subscriber Content
Methodologies & Models
IT Support Service Desk Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s IT support service desk manageme...
Subscriber Content
Methodologies & Models
IT Program Portfolio Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s IT portfolio management process ...
Subscriber Content
Methodologies & Models
Security Governance Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s security governance process and ...
Subscriber Content
Policies & Procedures
Information Technology (IT) Security Policy
This document contains three sample policies that establish guidelines an organization should follow to ensure that its ...
Subscriber Content
Methodologies & Models
IT Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s IT management process and to ass...
Subscriber Content
Methodologies & Models
Security Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s security management process and ...
Subscriber Content
Methodologies & Models
Employee Labor/Management Relations Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s employee labor/management relati...
Subscriber Content
Methodologies & Models
Finance Process Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s finance process and to assist it...
Subscriber Content
Policies & Procedures
Fraud Policy
This document includes three sample policies that facilitate the development of controls that will aid in the detection ...
Subscriber Content
Methodologies & Models
Store Audit Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s store audit process and to assis...
Subscriber Content
Methodologies & Models
Security Risk Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s security risk management process...
Subscriber Content
Methodologies & Models
Corporate Actions Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s corporate actions process and to...
Subscriber Content
Methodologies & Models
Enterprise Risk Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s enterprise risk management proce...
Subscriber Content
Guides
Enterprise Risk Management Summary Approach Guide
This tool contains three guides that focus on the infrastructure, foundational concepts and implementation of the enterp...
Subscriber Content
Methodologies & Models
Equal Employment Opportunity Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s equal employment opportunity pro...
Subscriber Content
Methodologies & Models
Incident Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s incident management process and ...
Subscriber Content
Methodologies & Models
Enterprise Resource Planning Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s ERP management process and to as...
Subscriber Content
Methodologies & Models
Human Resources Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s human resources management proce...
Subscriber Content
Methodologies & Models
Inventory Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s inventory management process and...
Subscriber Content
Articles
The Russian Sanctions: A Catalyst for ESG?
A look at some of the key challenges across the ESG dimensions and how finance firms can shape a more robust and mature ...
Subscriber Content
Methodologies & Models
Intellectual Property Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s intellectual property management...
Subscriber Content
Audit Programs
Configuration Controls Audit Work Program
In this work program sample, we provide general best-practice steps for the configuration controls audit process.
Subscriber Content
Methodologies & Models
Financial Reporting Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s financial reporting process and ...
Subscriber Content
Methodologies & Models
Business Continuity Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s business continuity management p...
Subscriber Content
Job Descriptions
Chief Risk Officer Job Description
Organizations can use this sample job description as a starting point to fully define the responsibilities and qualifica...
Subscriber Content
Benchmarking Tools
Internal Audit Value Scorecards
This tool contains scorecards that provide various guidelines for managing and measuring the performance of an internal ...
Subscriber Content
Checklists & Questionnaires
Project Management Office (PMO) Questionnaire
The questions included in this tool can be used to evaluate your project management office (PMO) functionality and proce...
Subscriber Content
Methodologies & Models
Compliance Risk Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s compliance risk management proce...
Subscriber Content
Guides
Ethics Program Guide
This tool contains two sample guides that can be used by auditors to implement an effective ethics program.
Subscriber Content
Memos
Staff Success Sharing Plan Memo
This sample memo serves as a report of an internal audit function’s high-level assessment of the company’s staff success...
Subscriber Content
Methodologies & Models
Contract Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s contract management process and ...
Subscriber Content
Audit Programs
Control Environment Audit Work Program
This audit work program focuses on the control environment component of the COSO Framework.
Subscriber Content
Checklists & Questionnaires
Control Self-Assessment Questionnaire
The two self-assessment questionnaire samples in this document can be used to design, adhere to and monitor a company’s ...
Subscriber Content
Methodologies & Models
Access Controls Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s access controls process and to a...
Subscriber Content
Articles
AQRM Red Flags: Shareholder Activism
Audit Analytics examines shareholder activism risk and how it is defined and categorized within its Accounting Quality +...
Subscriber Content
Methodologies & Models
Identity Access Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s business continuity management p...
Subscriber Content
Checklists & Questionnaires
Integrating Section 404 and Section 302 Compliance Questionnaire
This tool contains two sample questionnaires that can be used by management and board members to achieve a sustainable i...
Subscriber Content
Audit Programs
Corporate Actions Audit Work Program
In this work program sample, we highlight general best-practice steps for the capital raise audit process.
Subscriber Content
Checklists & Questionnaires
Corporate Governance Compliance Questionnaire
The two sample questionnaires in this document focus on what boards and management should do as they work to improve cor...
Subscriber Content
Checklists & Questionnaires
Disclosure Committee Questionnaire
Use the questions included in this tool to ensure that all necessary quarterly financial reporting disclosures are addre...
Subscriber Content
Checklists & Questionnaires
Enterprise Risk Assessment Process Questionnaire
The questions provided in this sample can be used to analyze and enhance your enterprise risk assessment strategy.
Subscriber Content
Articles
AQRM Red Flags: Auditors
Audit Analytics looks at the auditor-specific aspects of its Accounting Quality + Risk Matrix (AQRM) and explains why so...
Subscriber Content
Charters
Disclosure Committee Charter
This document provides two examples of guidelines for creating a disclosure committee charter.
Subscriber Content
Policies & Procedures
IT Risk Assessment Policy
The objective of this policy is to provide a standardized approach and operating instructions for the execution of a com...
Subscriber Content
Articles
Attention, CFOs: Your Most Important Asset Is Not on Your Balance Sheet
Here, we focus on customer relationship values and provide core benefits a company can achieve by focusing on its custom...
Subscriber Content
Charters
Corporate Audit Department Charter
This tool contains six sample charters that outline the mission statement, objectives, responsibilities and services of ...
Subscriber Content
Guides
Sarbanes-Oxley Compliance Committee Structure Guide
This guide discusses the duties, composition, structure and interrelationships of the disclosure committee that needs to...
Subscriber Content
Regulatory Updates
Leveling the Playing Field for Third-Party Risk Management Requirements
In this Flash Report, we summarize the opportunities and key takeaways around third-party risk management lifecycle cons...
Subscriber Content
Methodologies & Models
Anti-Money Laundering Capability Maturity Model (CMM)
This tool defines the capability maturity indicators for the anti-money laundering process, from the initial stage throu...
Subscriber Content
Policies & Procedures
Document Retention Program Policy
In this document, we provide two sample policies that establish definitions, guidelines and procedures an organization s...
Subscriber Content
Regulatory Updates
Bogus Whistleblower Complaints Are Making the Rounds
This flash report serves to alert companies to a growing trend of disinformation making the rounds through well-written ...
Subscriber Content
Guides
Project Management Office Governance Guide
This document provides a guide to understanding and standardizing the objectives, structure and operating principles of ...
Subscriber Content
Charters
Quality Assurance Function Charter
This sample establishes guidelines and responsibilities for creating a quality assurance function charter.
Subscriber Content
Charters
HR and Compensation Committee Charter
This sample establishes guidelines for creating an HR and compensation committee charter.
Subscriber Content
Charters
Project Management Charter Template
This sample document provides guidelines for creating an organization's project management charter.
Subscriber Content
Charters
Business Continuity Program Charter
This sample establishes guidelines for developing a business continuity program charter.
Subscriber Content
Charters
IT Change Advisory Board Charter
This sample provides key roles and responsibilities for creating an IT change advisory board charter.
Subscriber Content
Charters
Risk Management Oversight Committee Charter
This sample outlines responsibilities and duties for establishing a risk management oversight committee charter.
Subscriber Content
Articles
The Three C’s of a Quality Cloud Audit
This article outlines Protiviti's comprehensive cloud audit approach, which is based on leading practices and frameworks...
Subscriber Content
Charters
Board of Directors Authorization Charter
This sample establishes guidelines and responsibilities for developing a board of directors authorization charter.
Subscriber Content
Charters
Emergency Executive Committee Charter
This sample provides guidelines and responsibilities for creating an emergency executive committee charter (EEC).
Subscriber Content
Articles
The Future Auditor Faces the Digital Imperative
We outline why the adoption of next-generation best practices needs to be a priority for every internal audit organizati...
Subscriber Content
Articles
Importance of Internal Controls for Cybersecurity
Audit Analytics examines the increase in cybersecurity breaches disclosed by public companies since 2011.
Subscriber Content
Benchmarking Reports
2021 Internal Audit Capabilities and Needs Survey
For most internal audit groups, the next-generation audit journey is just beginning. The results of our 2021 Internal Au...
Subscriber Content
Audit Programs
Data Privacy Audit Work Program
This work program sample highlights general steps an organization should follow with respect to effective data privacy.
Subscriber Content
Guides
Auditing Corporate Governance Guide
This tool contains two guides that can be used by auditors to assess and understand the four pillars of an organization’...
Subscriber Content
Benchmarking Tools
Manage Government Relations Key Performance Indicators (KPIs)
This document includes leading practices and questions organizations can use to effectively manage government relations.
Subscriber Content
Regulatory Updates
SEC Indicates Greater Interest in Climate Change Disclosures
This Flash Report identifies five proactive steps companies should take to evaluate how their climate-related disclosure...
Subscriber Content
Performer Profiles
Olympus Corporation: ‘‘T’’ Is for Transformation ... and Team
In this profile, Richard Lebitz, global chief internal audit officer at Olympus, summarizes his internal audit team’s fi...
Subscriber Content
Audit Programs
Big Data Audit Work Program: Data Security Management
This work program template highlights general steps an organization should follow with respect to effective data securit...
Subscriber Content
Newsletters
10 ESG Reporting Questions Directors Should Consider
This issue of Board Perspectives: Risk Oversight poses 10 questions boards should focus on to ensure sustainable and res...
Subscriber Content
Guides
Initial Public Offering (IPO) Guide
This tool contains two sample guides that can be used for successfully handling and organizing a private company’s publi...
Subscriber Content
Audit Reports
Sarbanes-Oxley Section 404 Status Report
This document includes two sample reports that can be used to communicate the results of a Sarbanes-Oxley Section 404 re...
Subscriber Content
Policies & Procedures
HIPAA PHI Policy
This sample contains eight policies that outline procedures governing the handling of protected health information (PHI)...
Subscriber Content
Policies & Procedures
Confidentiality Policy
This tool includes three sample policies that highlight guidelines and procedures for maintaining the confidentiality of...
Subscriber Content
Checklists & Questionnaires
Project Management Office (PMO) Strength Questionnaire
This tool provides cost-effective project management questions to consider for examining and enhancing an organization’s...
Subscriber Content
Charters
Audit Committee Charter
This document contains nine samples that provide guidelines and standards for creating an audit committee charter.
Subscriber Content
Policies & Procedures
Risk Management Policy
This tool contains three sample policies that establish standards and procedures with a common and systematic approach f...
Subscriber Content
Charters
Compensation Committee Charter
This document contains three samples that provide guidelines for creating an organization's compensation committee chart...
Subscriber Content
Audit Programs
Monitoring Entity-Level Controls Audit Work Program
This document contains two sample programs that include general steps organizations can use when performing an entity-le...
Subscriber Content
Articles
The COVID-19 Effect on IPOs: Pre-Public Firms Press ‘‘Pause’’ for Now, but IPO Readiness Must Continue
This article explains the current pace of companies' initial public offerings from COVID-19 and outlines measures organi...
Subscriber Content
Charters
Nominating and Governance Committee Charter
This document contains four samples that provide guidelines for creating a nominating and corporate governance charter.
Subscriber Content
Audit Programs
Corporate Responsibility Audit Work Program
This document contains two sample audit programs that outline general steps organizations can use to perform a corporate...
Subscriber Content
Articles
Make ESG Part of the Public Company Readiness Checklist — Your Valuation Could Depend on It
This article describes how environmental, social and governance (ESG) reporting could move over time to becoming a must-...
Subscriber Content
Articles
BlackRock’s Larry Fink Draws Another Line in the Sand — The Message Is Getting Clearer
This article covers important points from Protiviti’s recent Flash Report on BlackRock Chairman and CEO Larry Fink's mos...
Subscriber Content
Methodologies & Models
Financial Close Process Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s financial close process and to a...
Subscriber Content
Policies & Procedures
Policy and Practice Development Policy
This tool contains two sample policies that establish guidelines for the formulation, finalization and maintenance of an...
Subscriber Content
Methodologies & Models
Capability Maturity Model (CMM)
The capability maturity model can be used to measure the maturity of an organization’s improved performance and to assis...
Subscriber Content
Articles
SOX Compliance: Faster Automation, Fewer Controls and How to Get There
This article reviews what parts of Sarbanes-Oxley (SOX) compliance can benefit from automation and provides credible rec...
Subscriber Content
Methodologies & Models
Procurement Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s procurement process and to assis...
Subscriber Content
Policies & Procedures
Equity Award Valuation Policy
This sample policy provides an overview of procedures organizations should perform during the equity award valuation pro...
Subscriber Content
Audit Programs
Investments Audit Work Program
This audit program sample includes steps that can be used to audit an organization’s investments process.
Subscriber Content
Newsletters
The Purpose of the Corporation and the Future of Work
This issue of The Bulletin focuses on addressing the corporation’s role in shaping the future of work.
Subscriber Content
Guides
Assessing Effectiveness of a Process or Program Guide
This sample guide can be used to evaluate the design effectiveness of a process or program and to develop a subsequent t...
Subscriber Content
Methodologies & Models
Sarbanes-Oxley Project-to-Process Capability Maturity Model (CMM)
This capability maturity model includes the six elements of infrastructure focused on Sarbanes-Oxley project-to-process ...
Subscriber Content
Methodologies & Models
Sarbanes-Oxley Year-One Capability Maturity Model (CMM)
This capability maturity model includes the six elements of infrastructure focused on Sarbanes-Oxley year-one compliance...
Subscriber Content
Articles
FASB Proposes Delaying New Lease Standards for Private Companies, But There’s No Time to Waste
This article summarizes the lease accounting standard pressures organizations face and offers a step-by-step process for...
Subscriber Content
Guides
Sarbanes-Oxley Auditor Walkthrough Guide
This sample document can be used as a guide to help prepare company personnel for the walkthrough process related to Sar...
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Fraud Questionnaire
This sample includes a list of questions to consider while checking an organization’s entity-level controls for fraud.
Subscriber Content
Methodologies & Models
Nonprofit Governance Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s nonprofit governance management ...
Subscriber Content
Articles
SEC Expected to Approve Reg BI in ‘‘the Next Few Months’’ but Final Outcome Remains Uncertain
In this article, Protiviti Managing Director Douglas Wilbert outlines the Securities and Exchanges Commission's standard...
Subscriber Content
Articles
When Does Insurance Cover Cyberattacks?
In this article, Audit Analytics explores recent trends in cybercrime, including insurance payout pushback and what comp...
Subscriber Content
Checklists & Questionnaires
Code of Conduct Questionnaire
One constant for success in a rapidly changing global marketplace is the immutable bedrock of an unwavering commitment t...
Subscriber Content
Guides
Sarbanes-Oxley Section 404 Committee Guide: Description and Relationships
This guide provides a detailed overview of the Sarbanes-Oxley Section 404 compliance steering committee's composition, f...
Subscriber Content
Articles
SEC Comment Letters: An Eight-Year Trend
In this article, Audit Analytics examines standout trends from the last eight years of SEC comment letters.
Subscriber Content
Articles
Corporate Social Responsibility: Are Tech Firms Doing Enough?
In this podcast transcript, Protiviti leaders Gordon Tucker, Jim DeLoach and Matt Moore discuss corporate social respons...
Subscriber Content
Newsletters
Is Your Board Future-Ready?
This issue of Board Perspectives: Risk Oversight provides eight suggestions for preparing to be a future-ready board.
Subscriber Content
Audit Reports
Sarbanes-Oxley Section 404 Program Executive Scorecard Report
This document serves as an executive report template focused on the progress of a company's Sarbanes-Oxley Section 404 p...
Subscriber Content
Articles
ESG Reporting Is Now a Competitive Differentiator for Technology Firms
In this article, Gordon Tucker and Bob Hirth explain what it means to be a responsible technology firm and outline issue...
Subscriber Content
Articles
Pros and Cons of Using Non-GAAP Metrics for Executive Compensation, Including ESG Considerations
Here, Audit Analytics discusses the frequently debated topic of companies that use non-GAAP metrics for executive compen...
Subscriber Content
Checklists & Questionnaires
Entity-Level Control Environment Questionnaire
This questionnaire template provides a number of COSO elements and the related control objectives for entity-level contr...
Subscriber Content
Articles
ICFR Weakness as a Risk Factor — Similarities in Companies With Ineffective Controls
In this article, Audit Analytics highlights three companies with internal control weaknesses and examines their common i...
Subscriber Content
Articles
Could SEC Charges Have Been Predicted for GT Advanced Technologies?
In this article, Audit Analytics explains exactly what led to the SEC’s recent charges against GT Advanced Technologies ...
Subscriber Content
Articles
Proactive ESG Reporting Could Give Energy and Utilities Firms a Competitive Advantage
In this article, Protiviti’s Tyler Chase and Bob Hirth offer reporting tips that can lead to positive bottom-line result...
Subscriber Content
Methodologies & Models
Fixed Asset Management Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s fixed asset management process a...
Subscriber Content
Articles
Planning to Go Public in 2019? How to Get and Stay IPO-Ready Through the Government Shutdowns and Other Market Conditions
If your organization is considering a public offering in 2019, we recommend you review this article to learn the fundame...
Subscriber Content
Articles
Slow Adoption Progress of ASC 842 – Leases
The FASB issued a new lease accounting standard (ASC 842) in February 2016, but it didn’t come into effect until 2019 fo...
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Monitoring Questionnaire
Monitoring is a process that assesses the quality of the entity's internal control performance over time. This template ...
Subscriber Content
Articles
The Responsible Tech Firm Series Part 4: Corporate Social Responsibility
Protiviti has published a four-part series on key considerations for the responsible technology firm of the future. This...
Subscriber Content
Checklists & Questionnaires
Global Compliance Questionnaire
This questionnaire can serve as the starting point for assessing an organization's compliance in a variety of areas, inc...
Subscriber Content
Checklists & Questionnaires
Business Ethics Questionnaire
This questionnaire is designed to help risk management professionals determine how well their companies are addressing b...
Subscriber Content
Methodologies & Models
Regulatory Compliance Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s regulatory compliance process an...
Subscriber Content
Checklists & Questionnaires
Anti-Fraud Program Evaluation Questionnaire
This document focuses on key questions for board members and management when evaluating an organization's anti-fraud pro...
Subscriber Content
Checklists & Questionnaires
Corruption Risk Management Questionnaire
This questionnaire can be used to assess an organization's management of corruption risk, the Foreign Corrupt Practices ...
Subscriber Content
Methodologies & Models
Revenue Assurance: Invoice Deduction Process Capability Maturity Model (CMM)
This document provides a model and six elements of infrastructure that can be used to evaluate the invoice deduction asp...
Subscriber Content
Audit Programs
Foreign Corrupt Practices Act (FCPA) Audit Work Program
This audit program sample assists audit teams reviewing compliance with the Foreign Corrupt Practices Act of 1977.
Subscriber Content
Articles
The Responsible Tech Firm Series, Part 3: Preparing for the Regulatory Wave
Protiviti Managing Directors Gordon Tucker and Matthew Moore add to the insights offered in Part Three of Protiviti’s re...
Subscriber Content
Articles
The Responsible Tech Firm Series Part 2: Can You Hear the Regulatory Wake Up Call?
Protiviti Managing Directors Gordon Tucker and Shelley Metz-Galloway add to the insights offered in Part Two of Protivit...
Subscriber Content
Articles
Tech Firms Helped Shape the New Labor Model – But They Need to Keep Evolving Themselves
Protiviti Managing Directors Gordon Tucker and Kurt Underwood explain why tech leaders need to keep a close eye on chang...
Subscriber Content
Articles
The Financial Crisis of 2008 – May We Never Forget the Lessons Learned
In this article, Protiviti’s Jim DeLoach offers his insights on the lessons we can learn from the subprime lending crisi...
Subscriber Content
Articles
For Emerging Tech Firms, More Action Today on Risks and Controls Means Less Pain Tomorrow
This article discusses some of the flexible and scalable approaches startups can adopt today to identify and manage risk...
Subscriber Content
Articles
Maintaining Staffing Equilibrium With a Flexible Workforce
Historically, accounting has been a straightforward function. However, leaders in finance and accounting may find that t...
Subscriber Content
Newsletters
Oversight of Digital Transformation
Protiviti met in August 2018 with 20 active directors during a dinner roundtable at a NACD event to discuss the board’s ...
Subscriber Content
Articles
Top-Performing Environmental Health and Safety Programs Are an Integral Part of Improving Business Performance
Mature environmental health and safety (EHS) programs help companies keep tabs on new and enforceable regulations, integ...
Subscriber Content
Articles
The Ideal Workforce: Why a 30-Year-Old Employment Model Is Relevant Again
It’s been nearly 30 years since Charles Handy first described what he calls the “shamrock organization” in his groundbre...
Subscriber Content
Articles
Managing the New Currency: Developing a High-Performing Data Management Organization
This article discusses a few things organizations should consider when analyzing their data management organizations (DM...
Subscriber Content
Articles
Three Fundamentals for Building a Solid Data Governance Program
With the explosion of data resulting from an increasing adoption of digital initiatives, it is more important than ever ...
Subscriber Content
Articles
A Rose by Any Other Name…Is Still a Rose
In this article, Protiviti Managing Director Scott Wisniewski discusses why you shouldn't forget about governance entire...
Subscriber Content
Guides
Internal Audit’s Role in Mergers and Acquisitions Guide
This sample guide outlines the role of internal auditors in the mergers and acquisitions process.
Subscriber Content
Newsletters
Getting the Most from the Board-Management Risk Appetite Dialogue
This issue of Board Perspectives offers both directors and senior executives useful insights that are consistent with th...
Subscriber Content
Audit Reports
Entity-Level Fraud Risk Assessment Process Report
This sample fraud risk assessment report provides an overview of the process one company undertook to satisfy the requir...
Subscriber Content
Articles
The Responsible Technology Firm of the Future: Corporate Social Responsibility
This article, part four of Protiviti’s four-part series, explores ideas to enhance corporate social responsibility by in...
Subscriber Content
Articles
Market Volatility: Is Your IPO Ready to Go?
In this article, Protiviti’s Chris Wright explores some of the things IPO-bound companies should consider right now.
Subscriber Content
Articles
The Responsible Technology Firm of the Future: Market Forces
This article, part three of Protiviti’s four-part series, presents suggestions for maximizing the company’s innovative p...
Subscriber Content
Benchmarking Reports
2018 Global Financial Services Compliance Survey
To more objectively measure the financial services industry’s strategies for and progression toward Agile transformation...
Subscriber Content
Articles
The Responsible Technology Firm of the Future: Corporate Governance and Regulatory Compliance
This article, part two in a four-part series, presents suggestions to build and manage a strong corporate governance ope...
Subscriber Content
Protiviti Booklets
Guide to Public Company Transformation
This guidance, now in its fourth edition, is designed to serve as a convenient and user-friendly resource that executive...
Subscriber Content
Articles
The Responsible Technology Firm of the Future: Part 1 of 4
This article provides a summary of and additional insights on Part 1 of Protiviti’s Responsible Technology series, which...
Subscriber Content
Benchmarking Reports
2018 White-Collar Crime and Fraud Risk Survey
The results of the latest White-Collar Crime and Fraud Risk Survey reveal some troubling trends that should raise concer...
Subscriber Content
Guides
Internal Controls and Shareholder Value Guide
This sample provides an overview of internal controls and how they help with creating shareholder value.
Subscriber Content
Newsletters
Oversight of Workplace Dynamics: Impact of Technology
New and emerging technologies will greatly influence—often by enabling and sometimes by making more complex—how companie...
Subscriber Content
Articles
The Responsible Technology Firm of the Future: A Rapidly Changing and Unpredictable Landscape
This article, part one in a four-part series, focuses on the changing landscape that is altering the conversation at the...
Subscriber Content
Newsletters
Oversight of Workplace Dynamics: The Labor Model
This issue of Board Perspectives: Risk Oversight explores the concept of the “shamrock organization” and provides a list...
Subscriber Content
Articles
Focus on Culture: How Culture Assessments Can Support the Audit Committee’s Agenda
In this article, Protiviti Executive Vice President Susan Haseley offers some suggestions on how organizations might inc...
Subscriber Content
Process Flows
Income Tax Process Flow
This flowchart defines the steps used for the income tax, sales tax, use tax, insurance renewal, insurance maintenance a...
Subscriber Content
Audit Reports
Quarterly Compliance Assessment Audit Report
The purpose of this report is to document internal audit’s quarterly assessment of compliance policies and procedures an...
Subscriber Content
Newsletters
Sustainability: The What, Why and How
In this issue of The Bulletin, Protiviti discusses sustainability — what it is, why it’s important, and the obstacles to...
Subscriber Content
Guides
Facilitating SOX Compliance Using a Committee Structure Guide
This guide discusses the duties, composition, structure and interrelationships of the disclosure committee that needs to...
Subscriber Content
Articles
Risk Culture Audits: Does Your Organization Walk the Talk?
Based on observations from working with financial services industry (FSI) clients and colleagues, Protiviti’s Reema Sing...
Subscriber Content
Checklists & Questionnaires
Hazard Assessment Checklist and Corrective Action Report
This tool provides questions to consider while conducting periodic hazard assessments.
Subscriber Content
Articles
Achieving a Top-Performing Environmental Health and Safety Program
This article provides tips for business leaders seeking to improve their EHS capabilities in the most cost-effective way...
Subscriber Content
Articles
Enterprise Role Management: Strategic Deployment of Role-Based Access Control in Today’s IAM Landscape
A well-governed role-based access control (RBAC) environment provides huge value to the business, simplifies user experi...
Subscriber Content
Checklists & Questionnaires
Sarbanes-Oxley Section 404 Documentation Readiness Checklist
This tool includes checklist to evaluate the adequacy of Section 404 process documentation prior to submitting to the ex...
Subscriber Content
Articles
Measuring Ethical Culture: Tapping Into “Open Secrets”
A number of corporate scandals have played out on the front pages in the past year that have raised the discourse around...
Subscriber Content
Checklists & Questionnaires
Test Documentation Validation Checklist
This tool lists information/documentation that must be checked for completeness and accuracy upon receipt of testing mat...
Subscriber Content
Checklists & Questionnaires
Internal Audit Department: Quality Assurance Review Customer Interview Questions
This customer satisfaction survey is meant to be used during a quality assurance review (QAR) of an internal audit depar...
Subscriber Content
Newsletters
The Relevance of Sustainability Performance to Board Risk Oversight
The pursuit of aggressive environmental, economic and social sustainability goals presents both opportunity and risk. Th...
Subscriber Content
Checklists & Questionnaires
Update Testing: Control Self-Assessment Questionnaire
This questionnaire helps to assess if the controls are operating effectively within a business unit.
Subscriber Content
Performer Profiles
Fix Yourself First: Tennessee Valley Authority OIG Leads by Example
The Tennessee Valley Authority (TVA) provides electrical service to more than 9 million customers across portions of sev...
Subscriber Content
Guides
Sarbanes-Oxley Walkthrough Guidance for General IT Controls
This tool provides guidelines for a sarbanes-oxley walkthrough for general IT controls.
Subscriber Content
Newsletters
Sustaining an Innovation Culture in the Digital Age
Digital transformation is disrupting entrenched incumbents and even whole industries. This issue of Board Perspectives: ...
Subscriber Content
Performer Profiles
Doing Things the Right Way at T-Mobile
For T-Mobile, the “right way” means solving customer pain points and making the customer experience easier, better, more...
Subscriber Content
Articles
Measuring Up To the New MACRA Quality Standards
On November 2, 2017, the CMS released the 2018 requirements for Year 2 of the Quality Payment Program (QPP) as establish...
Subscriber Content
Newsletters
A Risk-Informed Approach to Enterprise Risk Management
In this latest installment of The Bulletin, we explore the ERM topic once again — this time examining how a “risk-inform...
Subscriber Content
Performer Profiles
Internal Audit Keeps Takeda’s Deeply Rooted Culture in Focus When Assessing Risk
Katsuaki Kaneko, Head of Group Internal Audit at Takeda says, “…Takeda’s senior management team has given me a mandate —...
Subscriber Content
Methodologies & Models
Equal Employment Opportunity: Capability Maturity Model and Six Elements of Infrastructure
This document includes the capability maturity model and six elements of infrastructure for equal employment opportuniti...
Subscriber Content
Guides
Sarbanes-Oxley Program Implementation Guide
This guide provides procedures, checklists and summaries that can be used to implement changes within an organization’s ...
Subscriber Content
Audit Reports
Sarbanes-Oxley Section 404 Process Prioritization Audit Report
This document outlines the process that management utilizes for determining the final process criticality for a SOX 404 ...
Subscriber Content
Policies & Procedures
Whistleblower Policy
This policy establishes standards and procedures to ensure that the accounting and audit-related complaint handling proc...
Subscriber Content
Policies & Procedures
Finance Code of Conduct Policy
This sample policy serves as a code of conduct specific to senior financial officers of a company with the purpose of do...
Subscriber Content
Policies & Procedures
Relationship with External Auditors Policy
This sample document sets out policies and procedures for the external audit of a company.
Subscriber Content
Policies & Procedures
Corporate Governance Policy: Relationship With Internal Auditors
This sample policy establishes reporting relationships for the internal auditors of a company.
Subscriber Content
Policies & Procedures
Governance in Not-For-Profit Organizations Policy
This sample policy provides guidance for not-for-profit organizations in the areas of mandate, roles of volunteer boards...
Subscriber Content
Policies & Procedures
Corporate Governance Policy: Board Committees
This sample policy sets standards for board committee structures and protocols.
Subscriber Content
Policies & Procedures
Corporate Governance Policy: Shareholder Meetings
This sample policy simplifies and clarifies the essential elements of shareholder meetings.
Subscriber Content
Newsletters
The Board’s Role in Addressing Geopolitical and Regulatory Shifts
This issue of Board Perspectives identifies seven key takeaways from Protiviti’s roundtable at a National Association of...
Subscriber Content
Newsletters
Time to Take a Fresh Look at ERM
This article discusses key questions organizations should ask themselves when implementing ERM, outlines critical aspect...
Subscriber Content
Newsletters
So, You've Implemented ERM? Take Another Look
This newsletter outlines what’s new in the updated COSO ERM framework and expectations going forward.
Subscriber Content
Protiviti Booklets
Internal Auditing Around the World: Volume 13
In our latest edition of Internal Auditing Around the World, we focus on a challenge that places leaders in somewhat unf...
Subscriber Content
Newsletters
The Four C's in Overseeing Internal Audit
This issue of Board Perspectives discusses the four C's directors should consider when evaluating the sufficiency of any...
Subscriber Content
Checklists & Questionnaires
Audit Committee Annual Planning Schedule
This sample schedule provides an annual planner for audit committee activities and demonstrates how to schedule and trac...
Subscriber Content
Newsletters
Attributes for Facing the Future Confidently
This issue of The Bulletin articulates a deeper understanding of the requisites of organizational confidence so that lea...
Subscriber Content
Audit Programs
Risk Assessment Audit Work Program
This sample work program assesses and validates key controls in place for the risk assessment component of the COSO fram...
Subscriber Content
Newsletters
Setting the 2017 Audit Committee Agenda
This issue of The Bulletin suggests 10 top issues for audit committees to consider for the coming year based on Protivit...
Subscriber Content
Newsletters
Helping Organizations Face Future Uncertainty Confidently
This issue of Board Perspectives explores the attributes of confidence that executives and directors can use to assess a...
Subscriber Content
Memos
Sarbanes-Oxley Walkthrough Preparation Memo
This Sarbanes-Oxley process memo informs and prepares business process control managers to engage in “walkthrough” discu...
Subscriber Content
Newsletters
COSO ERM: What It Means to the Board
This issue of Board Perspectives summarizes five significant takeaways from the new COSO ERM framework.
Subscriber Content
Newsletters
Board Oversight of Talent Strategy
This issue of Board Perspectives: Risk Oversight discusses current challenges and effective practices in the board’s ove...
Subscriber Content
Memos
Sarbanes-Oxley Spreadsheet Controls Memo
This is a sample email sent by the process owner to finance staff regarding the documentation of controls over spreadshe...
Subscriber Content
Audit Programs
Diversify Workforce Audit Work Program
This audit work program evaluates a company's diversity and inclusion compliance processes.
Subscriber Content
Memos
SOX Year-End Update Testing Memo
This memo defines the process a company uses to update testing of internal controls for Sarbanes-Oxley compliance purpos...
Subscriber Content
Newsletters
COSO 2013: What Have We Learned?
This issue of Board Perspectives: Risk Oversight outlines important lessons for board members to consider as directors e...
Subscriber Content
Checklists & Questionnaires
Setting the Audit Committee Agenda Questionnaire
Good business leaders are aware that the world is changing–dramatically. This questionnaire is for executive management,...
Subscriber Content
Risk & Control Matrices - RCMs
Diversify Workforce RCM
This document outlines risks and controls common to the diversify workforce process.
Subscriber Content
Newsletters
Ten Principles for Risk Oversight Revisited
While risk oversight has always been an important part of the board’s agenda, the disruptive financial crisis taught eve...
Subscriber Content
Audit Programs
Conflict of Interest (Trust Company) Audit Work Program
This audit work program focuses on the conflict of interest between a trust company and its affiliates.
Subscriber Content
Audit Programs
Asset and Liability Management Policy Review Audit Work Program
This audit work program reviews the policies governing the asset and liability management process.
Subscriber Content
Newsletters
Identifying Emerging Risks: A Long-Term Perspective
This issue of Board Perspectives: Risk Oversight discusses the World Economic Forum’s (WEF) annual update on global risk...
Subscriber Content
Audit Programs
Social Responsibilities Programs Audit Work Program
This audit program helps internal audit functions identify social responsibility issues that an organization may not be ...
Subscriber Content
Newsletters
Top 10 Lessons Learned From Implementing COSO 2013
In this issue of The Bulletin, we share 10 lessons learned from COSO 2013 successful implementations from a variety of s...
Subscriber Content
Newsletters
Setting the 2015 Audit Committee Agenda
This issue of The Bulletin details 10 items that audit committees should consider as they look forward in 2015.
Subscriber Content
Newsletters
Effective Use of Executive Sessions When Overseeing Risk
This issue of Board Perspectives: Risk Oversight focuses on how to use executive sessions as part of the board of direct...
Subscriber Content
Newsletters
To Manage Disruption, Understand Strategic Assumptions
In this issue of Board Perspectives: Risk Oversight, we discuss why management should identify and consider the key assu...
Subscriber Content
Audit Programs
Information and Communication Audit Work Program
The purpose of this audit work program is to assess, at a high level, and validate key controls in place for the informa...
Subscriber Content
Audit Programs
Ethics Program Review Audit Work Program
An organization’s ethics program is increasingly important in the current regulatory environment and critical to minimiz...
Subscriber Content
Newsletters
Measuring the Success of Enterprise Risk Management
In this issue of Board Perspectives: Risk Oversight, we study 10 measures of success companies can use directly related ...
Subscriber Content
Protiviti Booklets
Enhanced Prudential Regulations for Foreign Banks (Regulation YY)
In this booklet, we will answer frequently asked questions to help head office and U.S. management of foreign banking or...
Subscriber Content
Audit Programs
Controls Monitoring Audit Work Program
This sample work program provides steps to perform a quarterly assessment of management’s monitoring of company-level co...
Subscriber Content
Newsletters
Ten Lessons in Integrating Risk Management with Strategy
In this issue of The Bulletin, we share 10 lessons for executives and directors to keep in mind when integrating risk in...
Subscriber Content
Newsletters
Recognizing Emerging Risks
This issue of Board Perspectives: Risk Oversight introduces effective techniques for identifying emerging risks that man...
Subscriber Content
Checklists & Questionnaires
Audit Committee Responsibilities Questionnaire
This is a sample self-assessment questionnaire for audit committees to use when evaluating the scope of their responsibi...
Subscriber Content
Audit Programs
Ethical Business Conduct Guidelines Audit Work Program
The purpose of this work program is to provide the general steps used to perform an audit of ethical business conduct gu...
Subscriber Content
Protiviti Booklets
How COSO Frameworks Improve Organizational Performance and Governance
This booklet illustrates how the enterprise risk management (ERM) framework and the new internal control framework can e...
Subscriber Content
Newsletters
The Most Important Risks for 2014
This issue of Board Perspectives: Risk Oversight summarizes the top-of-mind risks and uncertainties companies are facing...
Subscriber Content
Newsletters
The Five Lines of Defense: A Shareholder’s Perspective
In this issue of Board Perspectives: Risk Oversight, we look at how an effectively designed and implemented lines-of-def...
Subscriber Content
Newsletters
Five Risk Oversight Questions Directors Should Ask
As the business environment changes, risk profiles change and business models are exposed to disruption. Corporate strat...
Subscriber Content
Newsletters
Gaining Traction With Enterprise Risk Management
Issue 49 of Board Perspectives: Risk Oversight provides seven design principles that will help overcome ERM implementati...
Subscriber Content
Newsletters
Is Your Company Exposed to the Right Risks?
A company’s strategic direction and its ability to execute on that direction are both fundamental elements of risk-takin...
Subscriber Content
Guides
COSO Internal Controls Guide: Integrated Framework
COSO's 2013 Internal Control–Integrated Framework (Framework) is expected to help organizations design and implement int...
Subscriber Content
Newsletters
Setting the 2013 Audit Committee Agenda
This issue of The Bulletin provides observations and ideas for consideration by boards of directors and their audit comm...
Subscriber Content
Protiviti Booklets
Guide to the Sarbanes-Oxley Act: IT Risks and Controls
In this booklet, we provide guidance to Section 404 compliance project teams on the consideration of information technol...
Subscriber Content
Newsletters
Is Your Compliance Management Making a Difference? (Board Perspectives, Risk Oversight Issue 35)
This issue of Board Perspectives: Risk Oversight describes several key elements of an effective compliance program for b...
Subscriber Content
Newsletters
Is Your Compliance Management Making a Difference? (The Bulletin: Volume 4, Issue 10)
This issue of The Bulletin focuses on the issues that surround compliance, its current state, true cost and value propos...
Subscriber Content
Newsletters
Identifying Emerging Risks
This issue of Board Perspectives: Risk Oversight discusses how to identify emerging risks, which may affect the long-ter...
Subscriber Content
Newsletters
Survey Results Provide Baseline for Board Risk Oversight
This issue of Board Perspectives: Risk Oversight summarizes the results of a comprehensive survey regarding how the risk...
Subscriber Content
Newsletters
Five Risk Categories for Focusing Risk Oversight
As the board of directors organizes itself for risk oversight, the question arises as to whether it should adopt its own...
Subscriber Content
Newsletters
The Current State of Board Risk Oversight
To develop deeper knowledge of the risk oversight process, the Committee of Sponsoring Organizations of the Treadway Com...
Subscriber Content
Newsletters
When Insolvency Issues Arise
This issue of Board Perspectives: Risk Oversight focuses on personal liability risks and responsibilities for independen...
Subscriber Content
Newsletters
Preparing for a Black Swan
In this issue of Board Perspectives: Risk Oversight, we discuss an approach which uses the most critical assumptions und...
Subscriber Content
Newsletters
Making Your Risk Assessments Count: A Strategic Perspective
This issue of The Bulletin looks at why traditional approaches to risk assessment aren’t meeting expectations and how t...
Subscriber Content
Newsletters
Ten Ways Risk Oversight Can Fail
This issue of Board Perspectives: Risk Oversight reviews 10 causes that can contribute to failure of the board’s risk ov...
Subscriber Content
Newsletters
Aligning Strategy Setting and Performance Management With Risk
In this issue of Board Perspectives: Risk Oversight, we discuss the importance of integrating risk management with strat...
Subscriber Content
Newsletters
Integrating Risk Management with What Matters
This issue of The Bulletin discusses why integrating risk management with strategic management and performance managemen...
Subscriber Content
Newsletters
The Importance of Tone at the Top to Risk Management
This issue of Board Perspectives: Risk Oversight reviews 10 key indicators that collectively provide red flags that pote...
Subscriber Content
Newsletters
Four Foundational Elements of Risk Management
In this issue of Board Perspectives: Risk Oversight, we examine the four elements that define what executives should ass...
Subscriber Content
Protiviti Booklets
Assessing New Rules Regarding the Personal Obligation of Senior Accounting Officers of Large Companies
In this booklet, we answer common questions regarding Schedule 46 and suggest a roadmap to compliance.
Subscriber Content
Newsletters
Organizing for Risk Oversight
This issue of Board Perspectives: Risk Oversight outlines questions for board members to consider as they seek to clarif...
Subscriber Content
Newsletters
The Risk Appetite Dialogue
Risk appetite is the mutual understanding between management and the board of directors regarding the drivers of, and pa...
Subscriber Content
Newsletters
Knowing What You Don’t Know
This issue of Board Perspectives: Risk Oversight suggests eight steps executives and directors can take to manage uncert...
Subscriber Content
Newsletters
Setting the 2010 Audit Committee Agenda
In this issue of The Bulletin, we provide 10 major challenges for board members to consider as they set the 2010 audit c...
Subscriber Content
Newsletters
The Enterprise Risk Assessment Process
In this issue of Board Perspectives: Risk Oversight, we take a deep dive into the key considerations to take when engagi...
Subscriber Content
Newsletters
Risk Oversight: A Board Imperative
Included in the inaugural edition of Board Perspectives: Risk Oversight are questions board members should ask of execut...
Subscriber Content
Newsletters
Ten Common Risk Management Failures and How to Avoid Them
In this issue of The Bulletin, we explore 10 common risk management mistakes and how they can be avoided.
Subscriber Content
Newsletters
Credit Rating Analysis of Enterprise Risk Management at Nonfinancial Companies: Are You Ready?
This issue of The Bulletin explores how consideration of ERM quality can impact the ratings process and what nonfinancia...
Subscriber Content
Newsletters
Setting the 2008 Audit Committee Agenda
This issue of The Bulletin provides observations and ideas for boards of directors and their audit committees regarding ...
Subscriber Content
Protiviti Booklets
Guide to the Sarbanes-Oxley Act: Internal Control Requirements - Frequently Asked Questions Regarding Section 404
This booklet is designed to help answer questions about the sections of SOX pertaining to public reporting; this informa...
Subscriber Content
Protiviti Booklets
Enterprise Risk Management in Practice
In this booklet, we profile 11 companies that are operating in different industries and countries to provide ERM ideas i...
Subscriber Content
Newsletters
Conducting Enterprise Risk Assessments That Make a Difference
In this issue of The Bulletin, we focus on the vital steps in executing an effective ERA and why integrating these asse...
Subscriber Content
Protiviti Booklets
Guide to Enterprise Risk Management
This booklet addresses over 160 questions relating to some of the most commonly asked questions with respect to enterpri...
Subscriber Content
Newsletters
The Self-Assessment Process: Management’s Tool for Reinforcing Process Owner Accountability
In this issue of The Bulletin, we discuss the self-assessment process and how one can be implemented to reinforce proces...
Subscriber Content
Newsletters
Building Upon Section 404 Compliance: Moving Beyond Year One
In this issue of The Bulletin, we outline imperative steps for certifying officers to take to demonstrate care in reinfo...
Subscriber Content
Newsletters
Technology Risks and Controls: What You Need to Know
In this issue of The Bulletin, we focus on the relevance of IT risks and controls to a company’s meeting the internal co...
Subscriber Content
Newsletters
The Expanded Responsibilities of the Audit Committee: A New Mandate
This issue of The Bulletin explores the new requirements of audit committees and their implications, and suggests six ke...
Subscriber Content
Newsletters
Internal Control Over Financial Reporting: An Update on Section 404 of Sarbanes-Oxley
The SEC released its final rules in June 2003 regarding Section 404, making time an asset rather than a liability. This ...
Subscriber Content
Newsletters
Strengthening Governance Through Risk Management
This issue of The Bulletin provides five comprehensive recommendations for strengthening governance through improved ris...
Subscriber Content
Newsletters
Internal Controls Over Financial Reporting: Understanding Section 404 of Sarbanes-Oxley
In this issue of The Bulletin, we address in detail Section 404, a provision of SOX that is certain to garner the attent...
Subscriber Content
Newsletters
The Code of Conduct: Laying a Cornerstone for Effective Governance
In this issue of The Bulletin, we provide important steps for boards of directors and management to consider in designin...
Subscriber Content
Newsletters
Staying Focused on Core Business Issues Amid Corporate Governance Compliance
In this issue of The Bulletin, we cover the basics of corporate governance compliance.
Subscriber Content
Newsletters
Executive Certifications: Same Responsibilities, Higher Stakes
In this issue of The Bulletin, we answer several important questions regarding these new requirements.
Subscriber Content
Protiviti Booklets
FAQ: Sarbanes-Oxley Act Executive Certification Requirements
This booklet describes a major area of emphasis for many companies preparing to make their first filing subsequent to Au...
Subscriber Content
Newsletters
The Changing Corporate Governance Landscape and Its Implications
This issue of The Bulletin reviews examples of what the board of directors and management should do as they work to impr...
Subscriber Content
Newsletters
The Role of Personal Accountability in the New Environment
This issue of The Bulletin outlines seven key principles that provide a framework for establishing and reinforcing the p...
Subscriber Content
Blog
Five Components of the COSO Framework You Need to Know
WHAT DOES COSO STAND FOR?
In 1992, the Committee of Sponsoring Organizations of the Treadway Commission...
Blog
Five Important Questions on How to Effectively Keep Pace With Change
We all know that change is inevitable, but what can an organization do to keep its strategies and risk man...
Blog
Second Line of Defense: What Needs to Be Present
What is the Second Line of Defense?
Essential to effective risk management, the lines-of-defense model is ...
Blog
Six Tips on How to Implement a Strong Ethics Program
Do your customers trust and believe in your company? Do you trust and believe your employees? Do your empl...
Newsletters
The Bulletin Newsletters
The Bulletin is a periodic newsletter from Protiviti offering detailed insights on corporate governance and related risk...