The following 70 items are listed by Content Data.
Methodologies & Models
Six Elements of Infrastructure for Public Company Readiness
This document includes the six elements of infrastructure focused on an organization’s public company readiness process.
Subscriber Content
Audit Programs
Entity-Level Controls Audit Work Program
This tool includes two sample audit programs that provide steps organizations can take to perform an entity-level contro...
Subscriber Content
Guides
Enterprise Risk Management Summary Approach Guide
This tool contains three guides that focus on the infrastructure, foundational concepts and implementation of the enterp...
Subscriber Content
Guides
Ethics Program Guide
This tool contains two sample guides that can be used by auditors to implement an effective ethics program.
Subscriber Content
Audit Programs
Control Environment Audit Work Program
This audit work program focuses on the control environment component of the COSO Framework.
Subscriber Content
Guides
Risk Assessment Guide
This tool contains two guides that can be used by auditors to understand and improve their risk assessment process.
Subscriber Content
Charters
Risk Management Oversight Committee Charter
This sample outlines responsibilities and duties for establishing a risk management oversight committee charter.
Subscriber Content
Guides
Self-Assessment Value Proposition Guide
This tool contains three guides that describe the four common elements needed in all self-assessment meetings and explai...
Subscriber Content
Audit Reports
Sarbanes-Oxley Section 404 Status Report
This document includes two sample reports that can be used to communicate the results of a Sarbanes-Oxley Section 404 re...
Subscriber Content
Checklists & Questionnaires
Internal Control Structure Validation Questionnaire
This tool features questions to consider for verifying an organization’s internal controls over financial reporting (ICF...
Subscriber Content
Audit Reports
Entity-Level Controls Assessment Report
This document contains two sample audit reports that can be used to document management’s assessment of internal control...
Subscriber Content
Audit Programs
Monitoring Entity-Level Controls Audit Work Program
This document contains two sample programs that include general steps organizations can use when performing an entity-le...
Subscriber Content
Checklists & Questionnaires
Control Rationalization and Cost-Effectiveness Questionnaire
This tool highlights questions to consider when implementing and measuring an organization’s cost-effectiveness and cont...
Subscriber Content
Audit Reports
Internal Controls Self-Assessment Report
This sample audit report can be used by auditors to assess and improve an organization’s internal controls.
Subscriber Content
Methodologies & Models
Business Self-Assessment Methodology
This tool provides an overview of the business self-assessment process and includes four components of business self-ass...
Subscriber Content
Guides
Process and Activity-Level Controls Assessment Guide
This sample document can be used as a guide to assessing controls at the process or activity level.
Subscriber Content
Guides
Sarbanes-Oxley 404 Compliance Project Testing and Documentation Standards Guide
This guide can be used by Sarbanes-Oxley project teams to test Section 404 key controls and document the testing results...
Subscriber Content
Guides
An Effective Way to Conduct a Risk Assessment Guide
This guide outlines and compares various options and approaches to conducting an effective risk assessment.
Subscriber Content
Guides
Sarbanes-Oxley Section 404 Compliance Guide
This sample document can be used as a guide for establishing an organization’s framework and standard policy for complia...
Subscriber Content
Checklists & Questionnaires
IT General Controls Questionnaire
This sample questionnaire provides several COBIT areas and related control objectives for each IT general control.
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Fraud Questionnaire
This sample includes a list of questions to consider while checking an organization’s entity-level controls for fraud.
Subscriber Content
Audit Reports
Internal Audit Staffing and Audit Plan Report
This sample report can be customized and distributed to communicate an internal audit department's current staffing leve...
Subscriber Content
Checklists & Questionnaires
Entity-Level Control Environment Questionnaire
This questionnaire template provides a number of COSO elements and the related control objectives for entity-level contr...
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Information and Communication Questionnaire
This questionnaire template provides a number of COSO elements and their related control objectives for entity-level con...
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Risk Assessment Questionnaire
The objective of this questionnaire is to assess a number of COSO elements and the related objectives for entity-level c...
Subscriber Content
Checklists & Questionnaires
Entity-Level Controls Monitoring Questionnaire
Monitoring is a process that assesses the quality of the entity's internal control performance over time. This template ...
Subscriber Content
Audit Reports
Sarbanes-Oxley Year-End Audit Committee Report
This sample report to the audit committee focuses on the progress of an organization's Sarbanes-Oxley Section 404 progra...
Subscriber Content
Checklists & Questionnaires
Sarbanes-Oxley Sustainable Compliance Questionnaire
This questionnaire addresses how organizations can make Sarbanes-Oxley compliance sustainable while improving business p...
Subscriber Content
Audit Reports
Entity-Level Fraud Risk Assessment Process Report
This sample fraud risk assessment report provides an overview of the process one company undertook to satisfy the requir...
Subscriber Content
Memos
SOX IT Testing Planning Memo
This memo captures details for SOX IT testing, including objectives, project scope, transaction types, key risks, coordi...
Subscriber Content
Newsletters
Corporate Culture: Are You Curious Enough?
In issue 12 of The Bulletin, Protiviti explores the question, “Are organizations curious enough to really understand all...
Subscriber Content
Articles
An Involved and Agile IT Audit Function Is Key to Cybersecurity
This article lists some questions for you to consider as you seek greater IT audit agility to manage cybersecurity and a...
Subscriber Content
Policies & Procedures
Relationship with External Auditors Policy
This sample document sets out policies and procedures for the external audit of a company.
Subscriber Content
Policies & Procedures
Sarbanes-Oxley Section 404 Management Testing Plan Policy
This sample policy helps to summarize management’s approach to plan, organize, execute, document and support its assessm...
Subscriber Content
Audit Reports
Entity-Level Risk Assessment Audit Report
This sample IT risk assessment audit report presents findings from an entity-level risk analysis review.
Subscriber Content
Sarbanes-Oxley CPE Courses
Using the COSO Internal Control Integrated Framework for Sarbanes-Oxley Compliance (KLplus CPE Course)
This basic-level course introduces COSO and the COSO Internal Control Integrated Framework and its five components.
Audit Programs
Risk Assessment Audit Work Program
This sample work program assesses and validates key controls in place for the risk assessment component of the COSO fram...
Subscriber Content
Memos
Internal Control Audit Instructions Memo
This memo documents instructions for reviewing and testing a company's internal control environment.
Subscriber Content
Memos
Issue Identification Memo
This issue identification memo can be used to notify auditees of specific issues identified during an internal audit.
Subscriber Content
Memos
Entity-Level Controls Memo
This memo outlines a process for reviewing entity-level controls.
Subscriber Content
Memos
Sarbanes-Oxley Testing Strategy Memo
This memo documents a company's high-level testing strategy for Sarbanes-Oxley compliance.
Subscriber Content
Newsletters
COSO 2013: What Have We Learned?
This issue of Board Perspectives: Risk Oversight outlines important lessons for board members to consider as directors e...
Subscriber Content
Guides
Facilitated Meetings Guide
This guide discusses ground rules, meeting purpose statements and techniques for building agreements. It also provides s...
Subscriber Content
Newsletters
Top 10 Lessons Learned From Implementing COSO 2013
In this issue of The Bulletin, we share 10 lessons learned from COSO 2013 successful implementations from a variety of s...
Subscriber Content
Audit Programs
Information and Communication Audit Work Program
The purpose of this audit work program is to assess, at a high level, and validate key controls in place for the informa...
Subscriber Content
Audit Programs
Controls Monitoring Audit Work Program
This sample work program provides steps to perform a quarterly assessment of management’s monitoring of company-level co...
Subscriber Content
Protiviti Booklets
The Updated COSO Internal Control Framework
In this booklet, we address various questions regarding the New Framework from COSO, including the reasons why it was up...
Subscriber Content
Protiviti Booklets
The Updated COSO Internal Control Framework FAQ: Table of Contents
This table of contents and FAQ list is a reference for the Updated COSO Internal Control Framework FAQ.
Subscriber Content
Protiviti Booklets
How COSO Frameworks Improve Organizational Performance and Governance
This booklet illustrates how the enterprise risk management (ERM) framework and the new internal control framework can e...
Subscriber Content
Guides
COSO Internal Controls Guide: Integrated Framework
COSO's 2013 Internal Control–Integrated Framework (Framework) is expected to help organizations design and implement int...
Subscriber Content
Checklists & Questionnaires
Self-Assessment Process Questionnaire: Process Owner Accountability
This questionnaire provides a format to evaluate current self-assessment practices and identify areas for improvement.
Subscriber Content
Guides
Internal Controls Sustainability Training Guide
This sample guide focuses on building a sustainable internal control process.
Subscriber Content
Protiviti Booklets
Guide to the Sarbanes-Oxley Act: IT Risks and Controls
In this booklet, we provide guidance to Section 404 compliance project teams on the consideration of information technol...
Subscriber Content
Newsletters
Focus on the “Tone of the Organization”
While tone at the top is important and a vital foundation, is it enough? This issue of Board Perspectives explains why i...
Subscriber Content
Newsletters
Is Your Compliance Management Making a Difference? (The Bulletin: Volume 4, Issue 10)
This issue of The Bulletin focuses on the issues that surround compliance, its current state, true cost and value propos...
Subscriber Content
Newsletters
Reducing the Risk of Rogue Trading
This issue of Board Perspectives: Risk Oversight provides seven important questions for boards and senior executives to ...
Subscriber Content
Newsletters
Finding the Right Chief Risk Officer
In this issue of Board Perspectives: Risk Oversight, we argue what qualifications a company should look for when evaluat...
Subscriber Content
Newsletters
Recommendations from Protiviti’s Board Risk Oversight Survey
This issue of Board Perspectives: Risk Oversight lists some recommendations for board members to consider about the curr...
Subscriber Content
Newsletters
Setting the 2011 Audit Committee Agenda
This issue of The Bulletin provides observations for consideration by boards of directors and their audit committees as ...
Subscriber Content
Newsletters
Ten Ways Risk Oversight Can Fail
This issue of Board Perspectives: Risk Oversight reviews 10 causes that can contribute to failure of the board’s risk ov...
Subscriber Content
Newsletters
Risk Oversight: A Board Imperative
Included in the inaugural edition of Board Perspectives: Risk Oversight are questions board members should ask of execut...
Subscriber Content
Newsletters
Ten Common Risk Management Failures and How to Avoid Them
In this issue of The Bulletin, we explore 10 common risk management mistakes and how they can be avoided.
Subscriber Content
Newsletters
Credit Rating Analysis of Enterprise Risk Management at Nonfinancial Companies: Are You Ready?
This issue of The Bulletin explores how consideration of ERM quality can impact the ratings process and what nonfinancia...
Subscriber Content
Protiviti Booklets
Guide to the Sarbanes-Oxley Act
The questions answered in this booklet have risen in our discussions with clients and others in the marketplace who freq...
Subscriber Content
Protiviti Booklets
Top Priorities for Internal Audit in a Changing Environment
Protiviti recommends 10 strategic priorities for every public and private organization to employ in its IA function in t...
Subscriber Content
Newsletters
Section 404 Compliance: Planning for Next Year
This issue of The Bulletin focuses on some of the opportunities companies should consider as they plan for Year Three of...
Subscriber Content
Blog
A Guide to Self-Assessment Value Proposition
Self-assessment is a process through which an organization utilizes its internal knowledge to identify and ...
Blog
COSO Integrated Control Framework: Important Changes You Need to Know
In January 2013, the updated version of the Committee of Sponsoring Organizations of the Treadway Commissi...
Blog
Disclosure Controls and Procedures: Key Facts You Need to Know
The SEC introduced “disclosure controls and procedures” as a new term in its initial August 29, 2002, relea...