Tools
The following tools were published on KnowledgeLeader this week:
IT Disaster Recovery Plan Assessment Checklist
This comprehensive tool is designed to help organizations evaluate their existing IT disaster recovery plans. It provides two sample assessment checklists, each with a series of best-practice questions tailored for both regulated entities, like banking or SEC-regulated firms, and non-regulated entities.
System Implementation Audit Work Program
Access the general steps for reviewing system implementation, including guidance on data conversion strategy and process. This work program provides guidance on data mapping and identifying key data, the data conversion strategy and process, and data conversion sign-off. Audit steps include determine what information is to be transferred/converted to the new system; review conversion approach/strategy documentation; review conversion flow documentation.
Capital Leasing Audit Work Program
Learn about the steps for performing a capital leasing audit, including reviewing controls, testing lease agreements/contracts, and verifying the billing process. Project work steps include review the company’s leasing process procedures and policies; test a sample of lease agreements/contracts, invoices, customer POS and support documents to ensure compliance with the company’s existing policies; test a sample of billable transactions to verify the controls of the billing process; etc.
Purchasing, AP, Travel and Entertainment Audit Work Program
The purpose of this work program is to provide the general steps used to perform an audit of purchasing, A/P, travel and entertainment, including the use of data analytics. Project work steps include conduct project planning, scope setting, and auditee requests/coordination; develop work program & other reporting templates; coordinate meetings with key process personnel.
Earnings Per Share Policy
Gain access to two sample policies for establishing uniform policies and calculating earnings per share. In these samples, potential common share examples include debt or equity instruments, including preference shares, that are convertible into common shares; rights granted under employee share plans that may entitle employees to receive ordinary shares as part of their compensation and similar rights granted under other share purchase plans.
Oracle eBusiness Suite Policy
Use the set of procedures in this sample policy to control access to and the use of the Oracle eBusiness suite and database. Under this policy, the standard backup and recovery strategy offers six daily snapshots (every four hours), seven nightly snapshots and two weekly snapshots available on disk for recovery. In addition, data is mirrored every night from the primary data center to the secondary data center.
Mobile Device Acceptable Use Policy
This policy includes three samples that define standards, procedures and restrictions for end users required to access corporate data from mobile devices. The primary goal of this sample mobile device policy is to protect confidential business data within a company’s technology infrastructure.
Publications
KnowledgeLeader has also published several publications this week.
The Theory of Internal Audit: The Purpose Driven Internal Audit
This article introduces the theory of purpose-driven internal auditing, emphasizing the discipline’s complexity and its integral role within the organizational nexus. In the realm of organizational management, “internal auditing” is defined as an independent and objective function that provides both assurance and consulting services, with the primary aim of adding value and enhancing the operational efficacy of an organization.
Sharpening the Board’s Focus on M&A Due Diligence
This issue of Board Perspectives suggests the most important questions directors should ask during the due diligence process. How has the due diligence process changed in recent years? For sure, the complexity of certain topics, such as environmental impacts, the supply chain, cybersecurity and data privacy, has increased. Whether an acquisition is a stand-alone, complementary entity or an integration, the due diligence process is undergoing a paradigm shift due to the higher cost of funding and the impact of failed transactions.
Former Cybersecurity Director: U.S. Navy Data Is the New Oil; We Need to Protect It
Kathleen Creighton retired from the U.S. Navy in 2021 following a 33-year career, including six years as a Rear Admiral, where she designed cybersecurity, IT and cloud strategy policy and governance for 607,000 Navy personnel. Currently, she is independent director for the ManTech Corporation, the West Bend Mutual Insurance Company and the Military Women’s Memorial. In this VISION by Protiviti interview, Perry Keating, managing director and president of Protiviti Government Services, speaks with Creighton about global threats, emerging tech, AI, the next generation of talent and how the private sector plays into national security.
Recommended Resources
This list of recommended resources from the web may be of interest to you. Click each link to learn more.
- 28% of Companies Involved in M&A Lack Key People Retention Plans
- CFO Optimism Reaches Three-Year High, New Survey Shows
- Protiviti-Oxford Survey: Business Leaders Bullish on the Potential of the Metaverse