This sample outlines a set of policies and procedures designed to provide an orderly process in which changes to a company's IT infrastructure are requested and approved prior to the installation or implementation of a change.

This sample outlines a set of policies and procedures for formalizing a Business Continuity program, and provides guidelines for developing, maintaining and exercising Business Continuity Plans (BCPs). Such plans will ensure independence of crisis location, crisis duration and availability of any specific person or group of people.

This sample outlines a set of policies and procedures for dealing with the security and use of end-user computing (EUC) tools such as spreadsheets, databases and report writers.

This sample policy provides guidance on the procedures to be followed when merchandise (damaged or otherwise) is returned by mail or shipment.

This document outlines a set of policies and procedures to retain records as appropriate to meet legal and regulatory requirements and business needs.

The purpose of this policy is to establish consistent methods for determining the bad debt reserve amount, referring appropriate accounts receivable to an outside collection agency, and charging off amounts to the bad debt reserve.

This document provides the structure for ensuring that technological changes are consistently and properly recorded, assessed, authorized, tested, and released efficiently while effectively mitigating the risks to system availability, integrity of data, and the interoperability of the organization’s information resources.

The following sample outlines a policy for ensuring secure use of network passwords. This policy provides guidance regarding initial password setup, complexity, sharing, storage, and many other topics.

The following sample outlines a set of policies and procedures for data backup and retention including network server backups, tape backups and job scheduling.

This policy provides guidelines for authorizing, processing and distributing checks. It is important that proper internal controls are in place to ensure the check processing and authorizing approvals are appropriate.

The following policy outlines steps related to the employment termination process.

This policy establishes standards and procedures for ensuring that a company performs account reconciliations in compliance with management’s objectives.

This policy specifies guidelines that ensure uniform accounting for Allowances for Doubtful Accounts across an organization. This is a valuation account used to adjust the total of the customer accounts and notes receivable to anticipated net realizable values.

The purpose of this document is to establish basic guidelines and standards for the preparation and review of work papers relating to the Sarbanes-Oxley Act Section 404 compliance project. These work paper standards will be used to document the results of testing key control activities for all critical business processes identified by the project team.

This policy focuses on establishing customer credit limits, minimizing write-offs of bad debt customer accounts, maximizing sales and managing cash flow.

This sample outlines a set of policies and procedures for governing access to company buildings and data centers, to ensure that Company X buildings and data centers remain physically secure.

The following sample outlines a set of policies and procedures for issuing credit and debit memos, including product and container deposit returns and head-office billings, and applies to all employees responsible for the initiation, recording, and authorization of all types of customer account credits and debits.

The purpose of this policy is to establish guidelines for resolving customer concerns and initiating the Customer Concern Report. Customer concerns may provide constructive ideas for improving products or business processes efficiency by alerting management to issues that need prompt attention and correction, and may indicate long-range opportunities for product innovation and problem prevention.

The purpose of this policy is to establish guidelines for establishing customer credit limits, the credit hold and release process, and the ongoing credit review of customer accounts, in order to maximize profitability by minimizing credit risk and potential collections issues.

This sample outlines a set of policies and procedures for establishing guidelines related to price administration, including price set-up, price maintenance and review, and the timely update of prices.

This sample outlines a set of policies and procedures for invoicing customers and issuing invoice corrections.

This sample outlines guidelines for receiving and entering customer orders to ensure the timely and accurate fulfillment of those orders

The purpose of this policy is to establish the guidelines for setting up new customers and modifying existing customer information in company systems. This document outlines steps to follow for new customer set-up requests, rush set-up requests, and customer information changes.

The purpose of this policy is to detail the acquisitions/new business development process for a company, including subsidiaries. This applies to the initiation, due diligence, execution, and purchase accounting and integration of all acquisitions.

This sample outlines a set of policies and procedures for avoiding any possible conflict of interest in the conduct of grant or contract activities for academic institutions, to prevent employees or consultants from using their positions for purposes that are, or give the appearance of being, motivated by a desire for private gain for themselves or others, such as those with whom they have family, business or other ties.

This sample outlines a set of policies and procedures for committing the Company to legal obligations, financial commitments, and in conducting financial transactions.

This policy sets out the risk management objectives and requirements for a company's business units. Management is expected to conduct structured risk management in accordance with this policy. The policy is applicable to all business units and divisions. It is also applicable at group level and for group staff functions including Financial, Human Resources, Tax and Legal.

This sample outlines a set of policies and procedures for establishing the standards and procedures for ensuring that Company accounts for capital assets and depreciation are in compliance with management’s objectives and generally accepted accounting principles.

This sample outlines a set of policies and procedures to help a company and each of its direct and indirect subsidiaries, and each of it’s senior officers and directors, identify and properly address potential conflicts of interest.

The following sample outlines a set of policies and procedures for structuring risk management activities to ensure that risks are identified, assessed, managed, monitored and reported in a uniform manner. The aim of risk management is to provide reasonable assurance that companies understand the risks associated with achieving business objectives, and that they are responding appropriately to these risks at all levels within the organization.

This sample policy outlines a set of policies and procedures for asset-backed securitization and factoring of receivables.

This sample outlines a set of policies and procedures for ensuring that claims submitted to third parties for services administered are estimated accurately and resolved in a timely manner. Note: This example includes some information specific to Texas, but is otherwise generally applicable.

This sample outlines a set of policies and procedures to assist an Information Technology Group in backing up server-based data, with details of the required backup tapes, devices, and software. In addition, this policy addresses the file restoration process.

This sample outlines a set of policies and procedures for the use of cash and cash equivalents that preserves principal, meets liquidity needs, and delivers a suitable return in relationship to these policies and market conditions.

This sample outlines a set of policies and procedures to provide a company with a single reference for governance pertaining to matters of security for personnel, facilities, assets, information, and business operations. In addition, this policy allows the development of more specific policies, standards, processes, and procedures as required. This policy should be periodically reviewed and updated, where necessary, to reflect changes in the technology environment.

This policy establishes procedures to follow prior to signing vendor contracts on behalf of the company. These steps include obtaining required approvals from the legal department and vendor.

This sample policy outlines a set of policies and procedures to ensure that one un-audited semi-annual and one audited annual physical inventory should be taken of raw materials, work in process, and finished goods. This document specifically discusses topics such as the annual and periodic physical inventory process, off premise inventories, inventory ownership, and reconciliation of physical and perpetual records.

This sample policy establishes guidelines for a company’s activities related to opening, closing and maintaining financial institution accounts. This document discusses topics such as banking relations, qualifications of financial institutions, opening and closing an account, and required account approvals.

This sample policy outlines a set of policies and procedures to reconcile the significant accounts contained in the general ledges of a Company and its subsidiaries to assure their accuracy. This document specifically discusses topics such as responsibility for this process, reconciliation completion and review steps, and disposition of unreconciled items.

This sample policy outlines a set of policies and procedures governing the purchasing process. This document specifically discusses topics such as purchasing requirements, approval levels, placement of orders, and receipt and acceptance.

This sample outlines a set of policies and procedures that define the limits of authority designated to specified positions of responsibility within a company, and to establish the types and maximum amount of obligations that may be approved by individuals.

This sample outlines a set of policies and procedures governing the security of production equipment used in an Internet-facing environment.

This sample outlines a set of policies and procedures to prevent violation of any and all national and international anti-bribery and anti-corruption laws and treaties. All employees, agents of the Company, joint-venture partners, or anyone else doing business in Company X’s name, are required to comply strictly with the FCPA, all other applicable anti-bribery and anti-corruption treaties, and all national laws.

This sample policy ensures all manual journal entries to the Company’s general ledgers are properly prepared, supported by adequate documentation, reviewed, approved and recorded and that journal records are maintained in accordance with audit requirements.

This policy provides guidance regarding the recognition and disclosure of contingent liabilities, to insure that contingencies are recorded and disclosed accurately, completely, timely, and consistently.

This sample policy outlines a set of policies and procedures to ensure patient benefits are verified prior to or immediately following an admission or outpatient procedure. This document discusses topics such as insurance verification, insurance authorization for planned procedure, and uninsured patients.

To comply with SOX guidelines, it is important to establish appropriate policies that incorporate controls emphasizing the use, storage and modification of spreadsheets and databases used in preparation and reconciliation of the financial reporting process. This policy is intended to ensure that all spreadsheets/databases critical to the financial reporting process or that generate key reports relied upon by management are managed and controlled based on associated risks.

This policy outlines the roles and responsibilities of the IT department as well as the users and developers of spreadsheets and financially significant desktop tools (including Access, Crystal Reports, and Queries) to meet SOX requirements for control over financial reporting.

The objective of this document is to provide policy and procedure guidance for conducting major activities in a company's data centers: help desk support; user access management; system monitoring; problem management, and environmental controls.

The purpose of this document is to outline the process departments are required to follow in order to store and retrieve their respective records, and to document how the records will be maintained.

The objective of this document is to provide policy and procedure guidance for implementation of change management within the company’s network/infrastructure.

This sample outlines policies and procedures for data management (back-up and recovery).

This sample outlines a set of policies and procedures for managing company records in an appropriate, systematic and timely manner.

The purpose of this policy is to establish guidelines related to credit and payment collection activities, including use of the Payment Discrepancy Tracker system for tracking payment discrepancies, and all authorizations required to adjust accounts receivable.

This policy establishes the appropriate business use, responsibilities and authorization for company issued credit cards.

This policy provides guidelines for capitalizing, depreciating, transferring, disposing, and maintaining control of capital or fixed assets. It establishes standards and procedures to ensure that accounting for capital assets and depreciation is in compliance with management’s objectives.

This policy establishes guidelines and methods for maintaining an accurate revenue recognition process by periodically assessing the company’s projects’ profitability so that the overall revenue and cost of projects are correctly stated on company’s income statement.

The purpose of this policy is to define methods and strategies for an effective IT change management process. Critical components of the change management process include accurate documentation, continuous oversight, and a formal, defined prioritization and approval process.

The system development life cycle (SDLC) methodology promotes a controlled business environment where an orderly process takes place to minimize risk for implementing major new applications or changes to existing applications. The purpose of this policy is to clearly define the methodologies and processes for effective implementation of application development projects and significant application upgrades.

This policy highlights an employee's responsibility with regard to keeping their workstation virus free. The document describes tasks that an employee should undertake on a routine basis to identify and remove infected files.

This policy outlines steps to ensure that all critical data in applications and on servers is frequently backed up, stored and secured offsite.

This policy outlines procedures for collecting on customer accounts that are past due.

The purpose of this policy is to help employees understand the values and beliefs of an organization. Topics covered include: Foreign Corrupt Practices Act, employment practices, antitrust compliance, and ethics hotlines.

This policy establishes procedures to ensure the continued integrity of a company’s internal controls system. It focuses on timely transition of internal control responsibilities when needed; continued and ongoing execution of key controls; and swift maintainance to internal control documentation that reflects actual controls in place and responsible individuals.

These sample purchasing procedures document includes flowcharts, which depict the procedures to be followed, and includes samples of the standard forms that are used during the process.

This accounts payable document includes flowcharts depicting the recommended procedures that should be followed and samples of the standard forms commonly used during this process.

This document includes flowcharts depicting the procedures to be followed and samples of the standard forms which are used during the receiving process.

The purpose of this document is to develop a consistent process for scheduling and managing IT security assessment processes. The general steps outlined provide a process for conducting various types of assessments, as well as guidelines for monitoring security compliance within the computer system and network environments.

This policy outlines a set of procedures for the credit card data purge process including specific purge procedures, a purge schedule, and related definitions.

This policy documents the controls and procedures designed to ensure limited access to, and control of financial reporting documents used for the preparation and updating of quarterly and annual public filings with the US Securities and Exchange Commission.

This policy outlines procedures taken to create, rotate, and purge encryption keys used for securing credit card data within software applications.

The purpose of this policy is to define security policies that apply to temporaries, contractors, consultants, and third parties, when such connectivity is necessary for business purposes. This policy covers both the physical and administrative requirements needed to manage secure network connectivity between an organization and any third party requiring access to the organization’s computing resources.

The purpose of this security policy is to outline the user’s responsibilities in ensuring updates and maintenance of anti-virus computer software.

This policy establishes information security policies setting baseline criteria for access to, through, or from an organization’s communication networks. It is intended to set the information security criteria, means, methods and measures to protect the confidentiality, integrity and availability of information assets and communication networks.

The purpose of this policy is to establish procedures and requirements to ensure the appropriate protection and continuous operation of a company’s firewall infrastructure.

This policy outlines a set of procedures for receiving debit notes from customers in situations where goods are returned or rejected.

This document provides an outline and framework for creating a set of policies and procedures focused on the organization’s security of information.

This sample risk policy addresses the components of an effective commodity risk infrastructure. It provides guidance in communicating overall risk governance, the organization’s structure, and minimum standards for processes, controls and reporting.

This policy outlines procedures for evaluating, negotiating, and executing significant contracts and internal and external projects with legal and/or financial implications.

This policy is intended to facilitate the early detection and disclosure of reportable items to the SEC and to improve the efficiency and effectiveness of compliance efforts. The policy applies to all corporate and subsidiary locations, with particular emphasis on parties responsible for financial reporting and disclosure of related events.

This policy provides an overview of information security services (ISS) procedures, standards, and guidelines. This policy is written to protect user accounts, corporate data, and intellectual property owned by a company.

This policy establishes the guidelines for recognizing revenue, costs of goods sold, and in-transit inventory.

The purpose of this policy is to ensure that all employee blog and social networking activities incorporate consistent standards to maintain and reinforce the corporate image.

Use this policy to ensure that credit and debit card information and other personal financial data is accessible by a limited number of authorized team members and maintained in accordance with applicable law.

This policy outlines procedures for extending background checks to temporary personnel and independent contractors.

This policy outlines procedures governing the accuracy and reliability of spreadsheets and other similar applications used to produce or support critical financial information, and to mitigate the risk of financial reporting errors caused by end-user computing errors.

This policy establishes procedures for the proper accounting treatment of fringe benefit adjustments.

This policy provides procedures to be followed when dealing with issues resulting from the bankruptcy of a customer or writing-off bad debts.

This policy provides a consistent, uniform approach for identifying and evaluating potential acquisition candidates.

This policy provides guidance on recognizing contingent liabilities and their proper disclosure within the financial statements.

This policy outlines a set of procedures governing knowledge sharing within a company by using a knowledge management (KM) strategy that ties the efforts and information created and used by various product, industry and process groups into one cohesive platform.

This policy focuses on processing freight claims for shipments where the carrier lost and/or damaged goods during shipment, or where there is a shortage in the delivered goods.

This policy outlines a set of procedures to provide for the credit and collection of accounts receivable in a nondiscriminatory manner and to maximize the company’s profitability by minimizing write-offs of bad debts.

This policy outlines procedures to ensure content quality when creating financial statements and related disclosures.

This policy helps ensure that corporate IT resources are appropriately protected from destruction, alteration or unauthorized access and that these protections are accomplished in a manner consistent with business requirements.

This policy provides standard procedures to reconcile cash accounts at a bank.

The purpose of this policy is to establish internal controls over the purchase of company vehicles.

This sample policy serves as a code of conduct specific to senior financial officers of a company with the purpose of documenting a clear understanding of roles and responsibilities.

This accounts receivable policy establishes guidelines relating to receivable management, in particular how and when to reserve a receivable, write-off a receivable and recover a receivable.

This policy outlines areas of responsibility related to the company tax process, including federal and state tax, payroll tax, audits, and acquisitions/dispositions.

This policy outlines a set of procedures for the proper use of instant messaging by company employees.

This policy outlines procedures to ensure the completeness and accuracy of financial disclosures made in quarterly and annual public filings with the SEC.

This policy outlines procedures to ensure the fair presentation and disclosure of financial results, and is designed to ensure comfort to executives responsible for signing the external disclosure certification submitted to the SEC in accordance with SEC rules and regulations required by the Sarbanes-Oxley Act of 2002.

This policy provides disposal and notification guidelines and includes an example schedule of retention periods for many types of records including communications, contracts, facilities, finance and HR documents.

This policy defines procedures related to intranet and internet security in response to potential risks.

This policy outlines a set of procedures for processing and recording cash receipts.

This is a sample of emergency policies and procedures for a business office. It includes procedures for safety teams, fire prevention/drills, disabled assistance, earthquakes, power outages, workplace violence and bomb threats.

This policy documents the signature approval and authorization requirements necessary to commit company funds or assets related to trade promotion and pricing.

Cash handling procedures are critical to safeguard the most liquid assets of any company. This document discusses cash controls including posting, bank interactions and other important considerations.

This policy establishes procedures to manage fixed assets and ensure accounting for these assets, including depreciation, is in compliance with management's objectives.

The purpose of this policy is to ensure that all sensitively classified data is properly handled whether being transmitted within the organization or to a trusted third party.

The following sample outlines a set of policies and procedures for the verification of customer deductions and rebates in a retail environment. All trade deductions and rebates should be tested on a periodic, sample basis according to these procedures.

This policy outlines procedures to be used when new accounting standards have been issued and require implementation..

This policy defines related party transactions, identifies the significance of related party accounting implications, and provides guidance regarding approval and reporting of related party transactions.

This sample policy defines the conditions under which an employee, contractor, vendor or other person may access and use the internet via a company’s private network.

This policy establishes procedures for identifying pending rebate and for calculating the appropriate payment value.

This policy outlines a set procedures for dealing with invoice deductions in a retail environment.

This policy outlines a set procedures for dealing with invoice deductions in a retail environment.

This policy outlines a set of procedures for identifying and correcting duplicate deductions and/or rebate payments in a retail environment.

This policy provides standardized procedures for backing-up and maintaining computer files within an organization on a regular basis.

This policy outlines a set of procedures for capitalizing, depreciating, transferring and disposing of capital assets and other assets.

This sample policy defines requirements for document disposal and is designed to help ensure that company executives and personnel are not unwittingly breaking the law.

This policy is intended to provide a standardized means of identifying and accounting for the retainage of funds related to large scale projects.

This policy provides guidance on retention of and access to corporate accounting documents by employees.

This policy outlines rules and guidelines for Internet and email use within a company.

The following sample outlines a set of policies and procedures for the payroll function including how to administer tuition reimbursements, change employee information, and processing resignations/terminations..

This policy outlines a set of procedures for correctly dealing with withholding or delaying an order as a result of customer non-payment.

This policy establishes the standards and procedures for accounting system security in compliance with management's objectives.

This policy establishes the standards and procedures for ensuring that company accounts for capital assets and depreciation are in compliance with management's objectives and GAAP.

This policy outlines procedures to manage and account for company cash funds including receivables, payables and petty cash.

Research and development expense includes the conceptual formulation, design and testing of product alternatives, construction of prototypes and operation of pilot plants. This policy addresses how to account for these costs.

This policy establishes standards and procedures to ensure that the accounting and audit-related complaint handling process complies with management’s and the audit committee’s objectives.

The following policy outlines a set of procedures for the purchasing cycle, focusing on topics such as: placement of orders, receipt and acceptance, payment for orders and return of goods to supplier.

This sample can be used to create an information privacy policy for a company website.

This policy is for invoices paid by accounts payable primarily focusing on operating invoices, employee advances, expense reports, and casual labor/subcontractors.

This document outlines procedures for developing company financial policies and the related approval process.

This sample policy defines the conditions under which company email systems may be used for communication.

This sample policy defines the conditions under which an employee, contractor, vendor, or other person may have remote access to a company’s private network.

The following sample outlines a set of policies and procedures for sales customer follow-up.

This policy establishes guidelines for appropriate recognition of a liability relating to employee termination benefits and other related costs.

This policy outlines a set of procedures for structuring the chart of accounts within the accounting system.

The following sample outlines a set of policies and procedures for sales returns.

The following sample outlines a set of policies and procedures for sales call handling.

The following sample outlines a set of policies and procedures for sales order entry.

The following sample outlines a set of policies and procedures for the sales process.

The following sample outlines a set of policies and procedures for sales conduct.

This policy includes standards for work performance, unauthorized possession or removal of property, and failure to safeguard confidential information.

The following sample outlines a set of policies and procedures for employee sick leave.

The following sample outlines a set of policies and procedures defining employee eligibility and company observance of U.S. public holidays.

The following sample outlines a set of policies and procedures for sales training.

This policy outlines a set of procedures for using paid time off and extended illness benefits.

This policy outlines a set of procedures for recognizing rent expense on facility leases.

This policy outlines a set of procedures to document a company's equal employment policy.

This sample outlines a set of procedures to follow for employees to file grievances and the related resolution process.

The following sample outlines a set of policies and procedures for employee vacation accrual.

The following sample outlines a set of policies and procedures for new hire paperwork - pay data.

The following sample outlines a set of policies and procedures for new hire paperwork.

The following sample outlines a set of policies and procedures for accounts payable and accrued expenses. All expenses shall be captured to the greatest degree possible in the period that they are incurred and only valid and authorized payables are recorded and paid.

This sample policy outlines the company's principles with respect to maintaining a fraud free environment, details procedures for employees to report suspected fraud and describes actions to be taken by the company.

The following sample outlines a set of policies and procedures for assigning and maintaining account names and numbers in the company's chart of accounts.

This sample outlines a set of policies and procedures for the payroll process including overtime, paid holidays and resignations/terminations.

This sample policy outlines a set of rules and guidelines for employees to follow when engaging in business travel for the company. The policy reflects a heightened sensitivity to travel costs.

This sample outlines a set of policies and procedures for expense recognition. This policy establishes the standards and procedures to ensure that accounting for expense recognition is in compliance with management's objectives.

This sample outlines a set of policies and procedures to establish standards and a calendar for the monthly financial close process.

This sample policy outlines the requirements for approving, processing and collecting employee receivables.

This sample outlines a set of policies and procedures for perpetual cycle counting of all raw material and finished goods inventory.

The following sample outlines a set of policies and procedures to define the requirements for the account reconciliation process and communicate those requirements to those responsible for preparing the reconciliations.

The following sample outlines a set of policies and procedures for creating or revising corporate financial policy statements in a consistent manner throughout the organization.

This policy establishes the standards and procedures for ensuring that the company accounts for intercompany charges in compliance with management's objectives. The purpose of intercompany accounting is to allocate assets, liabilities, revenues, and expenses to the appropriate legal entity in relation to the economic benefits and obligations associated with the operational activity incurred.

This sample outlines a set of policies and procedures for foreign exchange management

The following sample outlines a set of policies and procedures for ensuring that accounting for deferring and amortizing the costs of promotional materials is in compliance with management's objectives.

The following sample outlines a set of policies and procedures for paid time off including vacation, holiday and other types of approved employee leave.

This sample outlines a set of policies and procedures for inventory valuation and to ensure it is properly controlled.

The following sample outlines a set of policies and procedures for payables and accrued liabilities.

This policy establishes guidelines for the formulation, finalization and maintenance of a company’s policies and practices.

The following sample outlines a set of policies and procedures for monthly accruals.

The following sample outlines a set of policies and procedures for policy development.

The following sample outlines a set of policies and procedures for relocation assistance.

The following sample outlines a set of policies and procedures for translation of foreign financial statements.

This policy establishes the standards for remeasurement and foreign exchange rates in compliance with management’s objectives.

The following sample outlines a set of policies and procedures for prepaid expenses.

The following sample outlines a set of policies and procedures for referral bonuses to encourage employees to become involved in the recruitment process and refer candidates to the company for employment.

This sample policy outlines procedures to protect a company’s receivables and ensure the fair market value of such assets is properly recorded.

The following sample outlines a set of policies and procedures for military leave of absence.

The following sample outlines a set of policies and procedures for retention of electronic and paper records.

The following sample outlines a set of policies and procedures to allow employees to fulfill their civic obligation to jury duty service by providing time off and compensation.

This policy provides rules and guidelines for internet and intranet use by employees and security within a company.

This sample outlines a set of policies and procedures setting forth the appropriate guidelines for investing surplus cash.

This sample outlines a set of policies and procedures for an internal transfer or job posting, to foster a workplace where qualified employees are encouraged to seek various career opportunities, gain valuable work experience, enhance their competencies and increase job satisfaction.

This policy provides consistent hourly payroll processing procedures to ensure adequate standards of internal accounting controls are met.

This sample outlines a set of policies and procedures for hiring and paying independent contractors, including the definition of an independent contractor.

The following sample outlines a set of policies and procedures for overtime worked to ensure compliance with relevant regulations.

The following sample outlines a set of policies and procedures for personal leave of absence to coordinate the needs of the employee and company.

This sample policy documents the approval process required to incur long-term debt or issue equity to fund major internal or acquisition-related expansion projects.

The following sample outlines a set of policies and procedures for the petty cash disbursement and reimbursement process.

The following is a sample policy statement for safeguarding personal property while on assisgnment.

The following is a sample policy statement for possession of handguns/weapons.

The following sample outlines a set of policies and procedures to keep company personnel records and employee health files confidential.

This document establishes the appropriate accounting policies relating to the acquisition of technology as well as for payments made for non-recurring engineering costs and other in-process research and development.

The following policy outlines a set of procedures for business travel and entertainment expenses including documentation guidelines for the expense reimbursement process.

This policy focuses on maintaining an asset management system to monitor and manage investments made in fixed assets and inventory.

This policy focuses on recording accrued liabilities on a consistent basis each accounting period.

This document outlines a set of policies and procedures for prepaid expenses, which are defined as costs incurred to acquire an economically useful good or service that has not yet been consumed in the revenue earning process. These unexpired costs generally include items that will be consumed within one year or less.

This policy focuses on having continuous dialogue with present and potential investors; informing them of the company’s progress, goals and other pertinent information as required by law and to maintain good business relations.

This document outlines procedures when dealing with unclaimed checks, the process of turning these checks over to the state government, and the impact on the bank reconciliation process.

This policy addresses the development, implementation, enhancement and maintenance of financial systems such as the general ledger system, accounts receivable system, accounts payable system, fixed asset system and purchasing system.

The following sample outlines a set of policies and procedures for appropriate authorization, which must be obtained prior to ordering goods and services and issuing associated payments.

This policy outlines scope, responsibilities and procedures for establishing an internal control environment that meets corporate financial reporting needs and fulfills management’s fiduciary responsibilities towards shareholders.

This policy outlines procedures for preparing and issuing internal audit reports; preparing responses to internal audit reports; monitoring and reporting on the status of recommendations; and verifying implementation status.

The following sample outlines a policy prohibiting sexual harassment.

The following sample outlines a set of policies and procedures for Security of Data (with UNIX Example).

The policy focuses on the establishment of an internal audit department and its purpose, responsibilities and reporting structure within the organization.

The following sample outlines a policy prohibiting sexual harassment.

The following sample outlines a set of policies and procedures to prohibit smoking in the workplace.

The following sample outlines a set of policies and procedures for software upgrades

The following is a sample policy statement for Tuition Reimbursement.

This policy focuses on identifying unusual or non-recurring items so they can be properly disclosed and discussed in external financial reports, press releases and reports to shareholders.

The following sample outlines a set of policies and procedures for Workers Compensation.

The following is a sample policy statement for alcohol and other drugs. Under no circumstances should any personnel be under the influence of alcohol, drugs or other controlled substances in the workplace or in any setting where he or she may be identified with the Company.

The following sample outlines a set of policies and procedures to ensure worldwide consistency in the area of banking. The company and its subsidiaries will conduct general banking with financial institutions that meet the specific guidelines outlined in the policy.

The following sample outlines a set of policies and procedures for background checks, which includes verification of: Education/Certifications/Licenses; Criminal History; Driving Record; Previous Employment; Military Experience; Credit Verification; and Exclusion from Government Programs.

This policy establishes guidelines for company activities relating to bank accounts, wire transfers of cash, short-term investments of surplus funds, financing, foreign exchange exposure and risk (insurance) management.

The following sample outlines a set of policies and procedures for bereavement benefits, to provide employees sufficient time to attend services due to the loss of an immediate family member.

The following sample outlines a set of policies and procedures for acquiring, disposing, capitalizing, depreciating, transferring and maintaining control of capital assets.

The following sample outlines a set of policies and procedures for cellular phone reimbursement, to establish maximum reimbursement guidelines for cellular phone usage.

The following sample outlines a set of policies and procedures to provide guidelines for the request and authorization of a manual check by use of a check request form.

The following sample outlines a set of policies and procedures to provide standard guidelines for the disbursement of Company funds by Accounts Payable authorized Check Requests, for goods and services that cannot practically be obtained through the company's procurement process.

This policy outlines procedures to ensure all foreign intercompany accounting transactions are recorded timely.

The policy outlines procedure for intercompany transactions defined as accounting transactions that occur between two or more locations within a company.

The following sample outlines a set of policies and procedures defining the guidelines concerning confidential company information. This applies to the public disclosure of confidential company information by any company employee, .i.e. any information not publicly announced that could reasonably affect the market price of the company's stock if it were disclosed to the public.

The following sample outlines a set of policies and procedures defining employee eligibility and company observance of U.S. public holidays.

The following sample outlines a set of policies and procedures for confidentiality in healthcare, to protect patients' right to privacy, to protect confidential information regarding business, and to document that each person understands his/her role in protecting confidential information as well as the consequences for violating the policy.

The following sample outlines a set of policies and procedures defining the guidelines concerning confidential company information. This applies to the public disclosure of confidential company information by any company employee, .i.e. any information not publicly announced that could reasonably affect the market price of the company's stock if it were disclosed to the public.

This sample outlines a set of policies and procedures for dealing with the Foreign Corrupt Practices Act (FCPA) and related business practices. It is the company's policy to comply with FCPA in every aspect. Each officer, manager, and employee of the company has the responsibility for compliance with the FCPA within their area of authority.

This sample outlines a set of policies and procedures for firearms, weapons, and explosives to maintain a safe working environment.

This sample outlines a set of policies and procedures for Family Medical Leave. The company grants family and medical leaves of absence in order to support and promote a healthier balance between work and family responsibilities, in accordance with the U.S. Family and Medical Leave Act of 1993.

This sample outlines a set of policies and procedures for Equal Employment Opportunity. The policy affirms equal opportunity for all employees and applicants for employment in accordance with all applicable laws, directives and regulations of federal, state and local governing bodies or agencies.

This sample outlines a set of policies and procedures for employment of related persons.

This sample outlines a set of policies and procedures for investigating and reporting harassment in the workplace.

This sample outlines a set of policies and procedures for immigration. To comply with the requirements of all applicable immigration laws the company will not knowingly hire or continue to employ undocumented persons who are not authorized to work in the United States.

This sample outlines a set of policies and procedures for employing individuals with disabilities in accordance with the provisions of the Rehabilitation Act of 1973 and the Americans with Disabilities Act of 1990.

This sample outlines a set of policies and procedures for an industrial leave of absence, in accordance with all U.S. state and federal regulations pertaining to Workers' Compensation.

This sample outlines a set of policies and procedures for insider trading. All insider trading transactions must comply with these procedures in order to comply with securities laws as defined by the Security Exchange Commission.

The primary goal of this policy is to document the company’s process and procedures for accounting for goodwill. Under SFAS 142, goodwill should be periodically reviewed for impairment, properly valued and reported.

The purpose of this policy is to define the processes for sharing revenue between a company’s parent country operations and its subsidiaries abroad for sales and services of products directly shipped to various customers.

This policy establishes guidelines for revenue recognition including right of return procedures and revenue recognition prior to delivery of goods.

This policy establishes guidelines regarding company inventory definitions and classifications, personnel responsibilities, inventory valuation, inventory adjustments, inventory reserves and disposition of inventory.

The purpose of this policy is to define guidelines, requirements and processes for revenue sharing between two corporate subsidiaries when customers relocate to another country due to events such as acquisition, restructuring or cost reduction.

This policy provides guidelines that ensure uniform accounting for allowances for doubtful accounts in all divisions, controlled subsidiaries, and joint ventures.

This policy establishes appropriate review, notification, and signature authorization requirements for certain actions and documents for a company.

The document establishes standard policies for what constitutes an employee expense and how each one is processed. It also lays out the different types of expenses that can be incurred by employees.

The enterprise change management process provides the structure to consistently manage IT assets. This policy also focuses on effectively mitigating the risks to system availability, integrity of data, and the interoperability of the organization’s information resources.

The intent of this document is to assist control owners, process owners and internal audit with implementing and executing a control self-assessment (CSA) process. CSA is an organized means of using the knowledge of those who are most familiar with a topic, such as processes/controls. This process is also used to evaluate how effectively the organization is managing risks.

This policy is aimed at establishing guidelines for granting, modifying, and disabling network user access. It also covers guidelines for account access and the creation, termination, and modification of accounts for permanent and temporary employees or third party personnel.

This policy establishes the standards and procedures for maintaining proper system access security at a company. It addresses user access rights, responsibilities of process owners, changes and deletions of employees, and the annual review of access and segregation of duties.

The document outlines a set of policies and procedures for automated controls. This policy defines the internal control testing processes and the testing frequency of these controls at a company.

The purpose of this policy is to document an organization’s internal disclosure certification process. These steps are designed to assist executive management responsible for signing external disclosure certifications related to the company’s internal controls over financial reporting.

The purpose of this policy is to ensure that principles of sustainability are incorporated into actions carried out by the company. Sustainability refers to both sustainable development and sustainable systems that meet present needs without compromising the future.

The purpose of this policy is to ensure, encourage and enable the reduction of energy use by the company and its customers. The corresponding overview document provides suggested energy conservation methods related to heating and cooling, lighting, and equipment and appliances.

This policy focuses on ensuring all controlled and identified materials used in operations are properly managed to comply with laws and regulations and to minimize harmful effects on the environment.

The following sample outlines the procedures taken to create, rotate, and purge encryption keys used for securing credit card data within software applications.

The following sample outlines a set of procedures for the credit card data purge process including specific purge procedures, a purge schedule, and related definitions.

This policy is based on the ISO Standards for handling complaints, with some sections on negotiation, mediation and arbitration resolution techniques that are used before litigation. The author of this policy asserts that complaints management is an integral part of Enterprise Risk Management.

The purpose of this policy is to ensure that all internal and external corporate communication incorporate consistent standards to maintain and reinforce the corporate image.

The purpose of this policy is to ensure that the company website reflects a consistent corporate image that preserves and builds the value of the corporate brand.

The purpose of this statement of policy is to ensure that a “do not call” list will be maintained and consumers on that list will not be contacted by outbound telemarketing representatives. Also, to ensure that nothing is done to impair the brand and image of the organization.

The purpose of this document is to develop a consistent process for scheduling and managing IT security assessment processes. The general steps outlined provide a process for conducting various types of assessments, as well as guidelines for monitoring of security compliance within the computer system and network environments.

The purpose of this document is to establish procedures and requirements to ensure the appropriate protection and continuous operation of a company’s firewall infrastructure. Given the sensitive roles firewalls play in a network infrastructure, the manner in which they are administered and maintained is critical to business operations.

This policy outlines the steps a company and its employees should take to maintain a level of confidentiality over all appropriate business information and personnel information. This document also contains an appendix: “10 Principles for the Protection of Personal Information.”

This policy outlines the relationship between a company and its external auditors. This document also discusses the importance of providing external auditors adequate information and other related company responsibilities.

This policy provides additional policy guidance for not-for-profit organizations in the areas of mandate, roles of volunteer boards and executive directors, special board committees and their roles, and volunteer principles. The scope in this policy applies to the Board of Directors, the executive director, and all other employees and volunteers.

The purpose of this policy is to establish reporting relationships for the internal auditors of the company. Both internal and external auditors, by the nature of their work, have a special relationship with the board of directors. This policy spells out particular reporting relationships to ensure that appropriate governance can be applied.

The purpose of this policy is to set standards for board committee structures and protocols. To be most effective, board committees require formal terms of reference that clarify the committees’ mandates, composition and limitations.

The purpose of this policy is to simplify and clarify the essential elements of shareholders meetings. The policy applies to shareholders, the Board of Directors and all staff working on shareholder relations.

This sample outlines a set of policies and procedures for receiving debit notes raised by customers in situations where goods are returned or rejected.

This sample outlines a set of policies and procedures for correctly dealing with and recording receipts of cash.

Covered entities are permitted, consistent with applicable law and standards of ethical conduct, to disclose protected health information based on a good faith belief that the disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. This policy provides guidance to ensure full compliance with all laws when using or disclosing protected health information to prevent or lessen a threat to the health or safety of a person or the public.

This form authorizes the use or disclosure of individually identifiable health information as described. The information may be re-disclosed and no longer protected by federal privacy regulations. The form can be used by organizations that are developing policies and procedures for compliance with the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA).

This sample outlines a set of policies and procedures for revenue recognition in a company that derives revenue principally from the sale of electronic equipment built to customer specifications as well as from repair and design services.

This sample outlines a set of policies and procedures for providing a consistent, standardized, and proficient method for the admission of patients, and applies to standards and/or requirements prior to, or immediately following, admission of patients for in-patient treatment.

The following sample outlines a set of policies and procedures for ensuring that the Charge Description Master (CDM) provides a comprehensive listing of items that could be billed to a patient, payer or healthcare provider. The CDM is a file that contains a list of a U.S. healthcare provider’s chargeable services.

This sample outlines a set of policies and procedures for controlling access to and use of the Oracle eBusiness Suite and database. This includes user access management, change control, problem, incident, and patch management, as well as backup and recovery.

The following sample outlines a set of policies and procedures for ensuring that charges for healthcare supplies and/or services administered are recorded and posted to a patient account in the patient accounting system.

This policy outlines the correct calculation of earnings-per-share (EPS), as governed by U.S. Statements of Financial Accounting Standards (SFAS) 123R. Basic EPS is computed by dividing reported earnings available to common stockholders by weighted average shares outstanding.

The purpose of policy is to ensure that legal statutes regarding data retention and industrial and business requirements regarding data retention are observed; and data which has survived its retention period is destroyed promptly to avoid legal and litigation exposures.

The purpose of this policy is to specify the procedures to backup and allow for recovery of important data in the event of accidental or intentional corruption, loss, or destruction of the data. For data critical to the ongoing operation of the business, offsite storage will facilitate keeping the business operational in the event of a physical disaster at the original site.

The purpose of this policy is to ensure that downloading of large data files does not degrade company network response unnecessarily; planning for increased company network bandwidth is not skewed adversely by unnecessary large download activity; and the company is protected against copyright infringement action.

The purpose of this policy is to ensure that there are controls in place to detect errors by limiting opportunities for employee fraud or theft, to increase the probability of detection when fraud or misappropriation of assets is attempted, and to safeguard company computers and networks against inadvertent exposure to external threats.

The purpose of this policy is to control application development and to ensure that it is efficient, cost-effective, and aligned with the IT strategic plan.

This sample outlines a set of policies and procedures to provide guidance and to ensure full compliance with all applicable laws (e.g. HIPAA) related to the use and disclosure of protected health information for public health release purposes. Covered entities are permitted to disclose protected health information to public health authorities for a full range of public health activities.

The purpose of this policy is to establish procedures to minimize and/or prevent violence and unacceptable behavior in the workplace and to foster the safety and security of company employees, customers, and visitors to our work sites.

The purpose of this policy is to provide an effective problem-solving and dispute resolution process which every employee can utilize without concern for reprisal or recrimination. Employees need and deserve a process through which they can air grievances, complaints, etc. Informal resolution of disputes is the preferred method of dealing with issues. In unionized organizations the grievance procedure is usually one of the first clauses of a Collective Agreement to be negotiated.

The purpose of this policy is to communicate a company’s position on what matters could constitute a conflict of interest to employees, and to establish a protocol for disclosing and dealing with such conflicts of interest. Many conflicts of interest may not be obvious to an employee. The policy clarifies the employer’s perspective on what constitutes a conflict of interest and what the consequences may be if the employee if found to be in a conflict of interest.

This sample outlines a set of policies and procedures governing the disclosure of protected health information (PHI) for law enforcement purposes to a law enforcement official. PHI may be disclosed for law enforcement purposes without the written consent or authorization of the individual, or the opportunity for the individual to agree or object.

The purpose of this policy is to outline basic contract content and authorization requirements for sales contracts.

This sample contains procedures to ensure that the appropriate steps are taken to disclose only the minimum amount of protected health information necessary to accomplish the particular use or disclosure, as required under applicable laws and regulations.

The purpose of this policy is to ensure that the company obtains the best possible combination of quality and price from its suppliers.

The purpose of this policy is to establish accountability for setting commission rates and to define the point at which commissions are considered earned.

This is an example of a form that provides signed authorization for the use or disclosure of individually identifiable protected health information (PHI). This form can be used by organizations that are developing policies and procedures for compliance with the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA).

This sample outlines a set of policies and procedures to give guidance and ensure compliance with all relevant laws and regulations when disclosing protected health information (PHI) in company directories. Health facilities maintain a patient directory for obtaining information regarding patients. Since this directory may sometimes contain personal information, it should be maintained with the utmost security and regard for patient confidentiality.

The purpose of this policy is to provide guidance to the finance department on reflecting costs in asset and liability accounts and when to bring costs into current expense.

This sample outlines a set of policies and procedures to give guidance and ensure compliance with all relevant laws and regulations (e.g. HIPAA) when using or disclosing protected health information (PHI). A covered entity may use or disclose PHI to the extent that such use or disclosure is required by law and the use or disclosure complies with and is limited to the relevant requirements of such law.

This sample outlines a set of policies and procedures regarding covered entities obtaining authorization to use or disclose protected health information (PHI) for health oversight purposes authorized by law (e.g. HIPAA), including audits; civil, administrative, or criminal investigations; inspections; licensure or disciplinary actions; civil, administrative, or criminal proceedings; or other oversight activities.

This sample outlines a set of policies and procedures that address reporting and analysis related to the Purchasing Cycle for purposes of better managing the business.

This sample outlines a set of policies and procedures regarding covered entities obtaining authorization to use or disclose protected health information (PHI). HIPAA requires a covered entity to obtain authorization to use or disclose protected health information for all purposes not explicitly permitted under the regulations (45 CFR §164.508(b)(4); §164.508(c); §164.508(d)).

This policy addresses the regular reporting and analysis requirements relating to the revenue cycle that must to be produced and reviewed to control and manage the organization.

This sample outlines a set of policies and procedures governing the use of portable computing devices and their connection to accompany network.

The purpose of this document is to increase all employees’ understanding of policies regarding discrimination and harassment in the workplace. This sample is based on the procedures and legislation applicable in Australia, but is generally applicable to many other non-US countries.

The following sample outlines a set of policies and procedures governing the handling of complaints regarding harassment, discrimination, and bullying. This sample is based on the procedures applicable in Australia, but is generally applicable to many other countries (except US).

Links to sample audit policies and procedures on the internet

This sample policy outlines a set of policies and procedures governing the revenue recognition process. This document specifically discusses topics such as sales, deferred sales, freight out, contra accounts to net sales, and applicable external guidance related to this process.

This sample outlines a set of policies and procedures governing the handling of Protected Health Information (PHI) in compliance with HIPAA security provisions. This policy must be followed when performing services for a client that is a Covered Entity or a Business Associate of a Covered Entity.

The following sample provides an outline of the policies and procedures that an organization must undertake in order to achieve ISO 9000 certification.

The following sample outlines a set of policies and procedures for protecting the safety and health of the employees at a Company. Although these procedures are generally applicable worldwide, some items refer specifically to U.S regulations.

This sample policy outlines the roles and responsibilities of management, internal audit, and the audit committee related to controls over an organization’s processes. This policy was derived from The IIA Quality Assurance Manual, Fourth Edition.

This sample outlines a set of policies and procedures formalizing the credit risk management process, the goal of which is to: protect against any unwarranted customer or counterparty credit exposures; maintain credit risk at a manageable level; and identify and avoid a material credit failure (of a significant value, which would impact earnings).

This sample policy outlines a set of policies and procedures governing the use of the Internet, Web browsers, and other applications with the ability to access or transfer data to or from servers connected to the Internet.

This sample outlines a set of policies and procedures governing the creation and use of user passwords to protect company computer systems.

The following sample outlines a set of policies and procedures governing the acceptable use of technology resources. Inappropriate use of technology resources can expose companies to risks including virus attacks, compromise of network systems and services, and legal issues.

The following sample policy outlines a set of policies and procedures governing user authentication and authorization and other access rules that help protect computer systems.

This sample outlines a set of policies and procedures governing access to production systems and applications, and the documentation of changes to these systems and applications.

This sample outlines a set of policies and procedures governing action to be taken when special circumstances prevent compliance with an established policy, procedure, standard, or guideline, or a federal or state regulation. This policy addresses how exceptions and non-conformance to existing Information Security Services policies, procedures, standards, and guidelines are handled.

The purpose of this security policy is to protect user accounts, corporate data, and intellectual property owned by an organization.

The purpose of this policy is to define the roles, activities, and responsibilities of administrators with regard to access rights to applications running on a company’s computer resources. The policy includes all system, database and application administrators (including third-party vendors) who have access to technology resources, either locally or remotely.

The purpose of this policy is to ensure that company confidential information and technologies are not compromised. This policy also establishes requirements for internal labs so that production services and other company interests are protected from lab activities.

This policy provides an example of how to communicate signature requirements necessary for daily business transactions in a company. This policy indicates to whom delegations have been assigned and applicable dollar limits. It covers topics such as types of authorization, temporary delegations, and organizational changes.

The following sample outlines a set of policies and procedures governing all changes to the access granted to a user of Company X’s computing systems. This defines the conditions for creating, terminating, or altering the status of a user’s access to Company X technology resources.

The following sample outlines a set of policies and procedures for the use of company email systems. The purpose of this policy is to define rules for the protection of company confidential information distributed by email and to document the acceptable and unacceptable use of email.

This policy outlines procedures to ensure that costs associated with company capital projects are accounted for according to Generally Accepted Accounting Principals (GAAP). The policy focuses on how recognition of contract costs can be affected by back-billing, claims, change orders and revised estimates. It also discusses methods such as estimated costs to complete, percentage-of-completion, and completed-contract.

This policy describes a broad range of actions that constitute fraud and that must be reported. The conditions of this policy apply to any irregularity, or suspected irregularity, involving not only employees but also shareholders, vendors and outside agencies. This policy addresses investigation responsibility, confidentiality, and reporting procedure.

The purpose of this security policy is to outline and define the user’s responsibilities in ensuring updates and maintenance of anti-virus software on his or her Company X computer.

The purpose of this policy is to define security policies that apply to temporaries, contractors, consultants, and third parties, when such connectivity is necessary for business purposes. This policy covers both the physical and administrative requirements needed to manage secure network connectivity between an organization and any third party requiring access to the organization’s computing resources.

This policy documents the controls and procedures designed to ensure limited access to, and control of financial reporting documents used for the preparation and updating of quarterly and annual public filings with the US Securities and Exchange Commission.

This policy documents the overall controls and procedures designed to ensure the quality and accuracy of disclosures made in quarterly and annual public filings with the US Securities and Exchange Commission.

The following sample outlines a set of policies and procedures for dealing with invoice deductions in a retail environment.

This sample outlines a set of policies and procedures for identifying and correcting duplicate deductions and/or rebate payments in a retail environment. All duplicate trade and non-trade deductions are to be investigated according to the procedures below.

The following sample outlines a set of policies and procedures that provides rules and guidelines for Internet and email use within a company. It is intended as a sample for other companies who are in the process of creating or re-evaluating their policy.

This policy provides guidelines and sets forth the appropriate accounting policies to prevent losses or shortages, and to ensure that all inventory items including raw materials/parts, work in progress, and finished goods and consigned inventory, are properly controlled and costed.

This sample outlines a set of policies and procedures to provide a standardized means of identifying and accounting for the acquisition of intangibles and their amortization while utilized by the U.S. offices and subsidiaries of Company X, for transactions in excess of $1,000 U.S. dollars.

The purpose of inter-company accounting is to allocate assets, liabilities, revenues, and expenses to the appropriate legal entity in relation to the economic benefits and obligations associated with the operational activity incurred. Accounting for inter-company transactions requires constant attention and reconciliation to prevent the loss of time and resources. This policy is designed to ensure that inter-company transactions are processed correctly at the time the transaction occurs.

This sample outlines a set of policies and procedures to provide a consistent format for reporting required financial information for management and statutory reporting requirements.

The following sample outlines a set of policies and procedures for accrued liabilities. It is intended to provide guidance with regard to the definition of and responsibility for items included in the Accrued Liabilities-Other account.

This sample policy defines the conditions under which wireless devices may be used for communication with a company’s private network.

This corporate compliance program documents professional standards of conduct and describes the confidential reporting system, policies for monitoring and auditing, procedures upon the discovery of misconduct and responsibility for compliance efforts. It also includes the code of business conduct and ethics with a certification page for employees to sign agreeing to compliance with the statement of policy.

The following is a sample policy for appropriate attire in the workplace.

The following sample outlines a set of policies and procedures for software to be sold, leased, or otherwise marketed. Note that some accounting standards and guidelines mentioned may have been superseded by new pronouncements.

This Information Security Policy contains policies and practices that govern the planning, organization and control of information security, reprinted with permission from Adecco SA. Information, documents, systems, networks, and applications are vital information assets that need to be protected as described here.

Autodesk developed a Code of Business Conduct for their 2,540 employees worldwide which they have agreed to share with KnowledgeLeader users.