The following 59 items are listed by Content Data.
Guides
Enterprise Risk Management Summary Approach Guide
This tool contains three guides that focus on the infrastructure, foundational concepts and implementation of the enterp...
Subscriber Content
Guides
Auditing the Enterprise Risk Management (ERM) Process Guide
In this tool, we’ve compiled a guide that includes a systematic, disciplined approach to evaluating and improving the ef...
Subscriber Content
Requests for Proposals - RFPs
Request for Proposal: Sarbanes-Oxley Section 404 Implementation
This request for proposal (RFP) sample can be used by organizations seeking a qualified service provider to implement a ...
Subscriber Content
Charters
Quality Assurance Function Charter
This sample establishes guidelines and responsibilities for creating a quality assurance function charter.
Subscriber Content
Audit Reports
Entity-Level Controls Assessment Report
This document contains two sample audit reports that can be used to document management’s assessment of internal control...
Subscriber Content
Audit Programs
Monitoring Entity-Level Controls Audit Work Program
This document contains two sample programs that include general steps organizations can use when performing an entity-le...
Subscriber Content
Checklists & Questionnaires
Enterprise Risk Management (ERM) Integration Strategy Questionnaire
This tool provides questions organizations should consider when implementing an enterprise risk management (ERM) strateg...
Subscriber Content
Audit Reports
IT Compliance Review Report
This sample audit report can be used to review and better understand an organization’s IT compliance process.
Subscriber Content
Methodologies & Models
Protiviti's Sarbanes-Oxley Section 404 Compliance Initiatives Methodology
This tool provides an overview of an organization’s Sarbanes-Oxley (SOX) Section 404 compliance process and illustrates ...
Subscriber Content
Checklists & Questionnaires
IT General Controls Questionnaire
This sample questionnaire provides several COBIT areas and related control objectives for each IT general control.
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Fraud Questionnaire
This sample includes a list of questions to consider while checking an organization’s entity-level controls for fraud.
Subscriber Content
Checklists & Questionnaires
Entity-Level Control Environment Questionnaire
This questionnaire template provides a number of COSO elements and the related control objectives for entity-level contr...
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Information and Communication Questionnaire
This questionnaire template provides a number of COSO elements and their related control objectives for entity-level con...
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Risk Assessment Questionnaire
The objective of this questionnaire is to assess a number of COSO elements and the related objectives for entity-level c...
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Monitoring Questionnaire
Monitoring is a process that assesses the quality of the entity's internal control performance over time. This template ...
Subscriber Content
Newsletters
Getting the Most from the Board-Management Risk Appetite Dialogue
This issue of Board Perspectives offers both directors and senior executives useful insights that are consistent with th...
Subscriber Content
Articles
Business World Complexity Requires Sophisticated Enterprise Risk Management: So How Do You Get There?
In this article, Protiviti’s Emma Marcandalli answers some of the fundamental enterprise risk management (ERM) questions pose...
Subscriber Content
Articles
Transitioning Risk Management to the Digital Age
More needs to be done to elevate risk management to help organizations face the dynamic realities of the 21st century an...
Subscriber Content
Newsletters
A Risk-Informed Approach to Enterprise Risk Management
In this latest installment of The Bulletin, we explore the ERM topic once again — this time examining how a “risk-inform...
Subscriber Content
Audit Reports
Controls Monitoring Quarterly Assessment Report
This sample report details an internal audit department’s quarterly assessment of ongoing controls monitoring processes....
Subscriber Content
Guides
Assessing Risks and Internal Controls Guide
This presentation was developed to help with training process owners to assess risks and take responsibility for managin...
Subscriber Content
Newsletters
Time to Take a Fresh Look at ERM
This article discusses key questions organizations should ask themselves when implementing ERM, outlines critical aspect...
Subscriber Content
Newsletters
So, You've Implemented ERM? Take Another Look
This newsletter outlines what’s new in the updated COSO ERM framework and expectations going forward.
Subscriber Content
Policies & Procedures
Sarbanes-Oxley Section 404 Management Testing Plan Policy
This sample policy helps to summarize management’s approach to plan, organize, execute, document and support its assessm...
Subscriber Content
Audit Reports
Entity-Level Risk Assessment Audit Report
This sample IT risk assessment audit report presents findings from an entity-level risk analysis review.
Subscriber Content
Sarbanes-Oxley CPE Courses
Using the COSO Internal Control Integrated Framework for Sarbanes-Oxley Compliance (KLplus CPE Course)
This basic-level course introduces COSO and the COSO Internal Control Integrated Framework and its five components.
Internal Audit CPE Courses
Overview of the COSO Internal Control - Integrated Framework (KLplus CPE Course)
The objective of this course is to provide an overview of the Framework and to explain how it is applied at the entity a...
Audit Programs
Risk Assessment Audit Work Program
This sample work program assesses and validates key controls in place for the risk assessment component of the COSO fram...
Subscriber Content
Newsletters
COSO ERM: What It Means to the Board
This issue of Board Perspectives summarizes five significant takeaways from the new COSO ERM framework.
Subscriber Content
Newsletters
Updated COSO ERM Framework: What's New?
This issue of The Bulletin discusses why the COSO ERM Framework needed to be updated and how the focus is now on what is...
Subscriber Content
Memos
Entity-Level Controls Memo
This memo outlines a process for reviewing entity-level controls.
Subscriber Content
Memos
Sarbanes-Oxley Testing Strategy Memo
This memo documents a company's high-level testing strategy for Sarbanes-Oxley compliance.
Subscriber Content
Memos
Sarbanes-Oxley Section 404 Project Conclusion Memo
This memo documents an organization’s approach to Sarbanes-Oxley Section 404 compliance and concluding results from the ...
Subscriber Content
Newsletters
COSO 2013: What Have We Learned?
This issue of Board Perspectives: Risk Oversight outlines important lessons for board members to consider as directors e...
Subscriber Content
Newsletters
Top 10 Lessons Learned From Implementing COSO 2013
In this issue of The Bulletin, we share 10 lessons learned from successful COSO 2013 implementations from a variety of s...
Subscriber Content
Newsletters
Effective Use of Executive Sessions When Overseeing Risk
This issue of Board Perspectives: Risk Oversight focuses on how to use executive sessions as part of the board of direct...
Subscriber Content
Newsletters
COSO 2013: Why Should You Care?
This issue of Board Perspectives: Risk Oversight outlines six reasons why board members should care about the updated CO...
Subscriber Content
Audit Programs
Information and Communication Audit Work Program
The purpose of this audit work program is to assess, at a high level, and validate key controls in place for the informa...
Subscriber Content
Audit Programs
Controls Monitoring Audit Work Program
This sample work program provides steps to perform a quarterly assessment of management’s monitoring of company-level co...
Subscriber Content
Protiviti Booklets
The Updated COSO Internal Control Framework
In this booklet, we address various questions regarding the New Framework from COSO, including the reasons why it was up...
Subscriber Content
Protiviti Booklets
The Updated COSO Internal Control Framework FAQ: Table of Contents
This table of contents and FAQ list is a reference for the Updated COSO Internal Control Framework FAQ.
Subscriber Content
Protiviti Booklets
How COSO Frameworks Improve Organizational Performance and Governance
This booklet illustrates how the enterprise risk management (ERM) framework and the new internal control framework can e...
Subscriber Content
Newsletters
Setting the 2014 Audit Committee Agenda
This issue of The Bulletin offers 10 major challenges that companies will face over the next 12 months when setting thei...
Subscriber Content
Guides
COSO Internal Controls Guide: Integrated Framework
COSO's 2013 Internal Control–Integrated Framework (Framework) is expected to help organizations design and implement int...
Subscriber Content
Newsletters
Updated COSO Internal Control Framework: Frequently Asked Questions
In this issue of The Bulletin, we address various questions regarding the new COSO framework.
Subscriber Content
Guides
Internal Controls Sustainability Training Guide
This sample guide focuses on building a sustainable internal control process.
Subscriber Content
Audit Programs
Capital Projects Audit Work Program
This work program focuses on the capital projects process, such as identifying and prioritizing risks, evaluating intern...
Subscriber Content
Newsletters
The Current State of Board Risk Oversight
To develop deeper knowledge of the risk oversight process, the Committee of Sponsoring Organizations of the Treadway Com...
Subscriber Content
Newsletters
Setting the 2006 Audit Committee Agenda
This issue of The Bulletin provides eight agenda items for audit committees to consider regarding matters in the upcomin...
Subscriber Content
Newsletters
Enterprise Risk Management: Practical Implementation Advice
What leaves many cold on the subject of ERM is the inability to quickly grasp what it is. This issue of The Bulletin add...
Subscriber Content
Blog
COSO ERM Framework: Key Facts You Need to Know
When initiating the project to update its enterprise risk management (ERM) framework, COSO saw opportunitie...
Blog
COSO Integrated Control Framework: Important Changes You Need to Know
In January 2013, the updated version of the Committee of Sponsoring Organizations of the Treadway Commissi...
Blog
COSO: Step Up Your ERM, Integrated and Internal Controls
COSO is a framework used by businesses to establish a set of internal controls for integration into their b...
Blog
Enterprise Risk Management: How to Effectively Raise the Bar
Everyone talks about the need for good risk management programs, but nobody seems to know how to audit them...
Blog
Five Components of the COSO Framework You Need to Know
WHAT DOES COSO STAND FOR?
In 1992, the Committee of Sponsoring Organizations of the Treadway Commission...
Blog
How to Define Risk Management Goals and Objectives in Your Organization
Risk oversight and risk management are high priorities on the agenda of most organizations. Here are popul...
Blog
How to Identify Important Components of SOC Report Evaluation
There are distinct differences between SOC 1 and SOC 2 reports, but these reports also certainly overlap. ...
Blog
Second Line of Defense: What Needs to Be Present
What is the Second Line of Defense?
Essential to effective risk management, the lines-of-defense model is ...
Blog
Segregation of Duties: Key Facts You Need to Know
Segregation of duties (SoDs) is an important concept to internal control frameworks, financial reporting an...