Tools
The following tools were published on KnowledgeLeader this week:
IT Change Management Policy
This document contains multiple sample policies that provide an overview of procedures organizations should perform during the IT change management process. The IT change management process helps a company ensure that changes made to IT assets in the production environment are consistently and properly recorded, assessed, authorized, tested and released.
Disbursement Authorization Policy
This disbursement authorization policy establishes clear approval levels for binding commitments of a company, whether oral or in writing. It applies to substantively new standard sales/service contract templates or material substantive changes to an existing template. It also details the authorization limits for primary banks (including wires, ACHs and checks) and secondary banks.
Disclosure of Private Data Policy
This policy outlines procedures for the disclosure, protection and transfer of a company's private data. It provides guidelines on the transfer of private data to third parties, protection of information privacy, granting access to disclosures of private data records, identification of theft prevention by restricting access to personal information, and exposure of confidential or private information in public places.
Monitoring Entity-Level Controls Audit Work Program
In this document, we provide three sample work programs for monitoring entity-level controls. Each section of these work programs focuses on a specific attribute and the documentation that evidences the operating effectiveness of entity-level controls.
Active Directory Audit Work Program
This work program sample is a comprehensive tool that covers the entire active directory (AD) audit process, from architecture and design to user management and termination. The eight samples included here each address a separate area of the AD function/structure.
Auditing Corporate Governance Guide
‘‘Governance’’ is defined as a set of policies, procedures, processes, systems, people and relationships that govern the enterprise to direct and control the actions of issuers. This guide can be used by auditors to assess and understand the four pillars of an organization’s governance framework.
Publications
KnowledgeLeader has also published several publications this week.
Cybersecurity and Fusion Centers
The complex landscape of cybersecurity demands a simplified approach to facilitate a better understanding of potential risks and threats. This article explores how organizations can better anticipate potential threats and implement proactive measures to protect their digital assets.
Talking Talent and Training in 2030 and Beyond With HR Expert Nigel Jeremy
Read this conversation between Nigel Jeremy, a globally recognized expert within the HR and learning and development space, and Protiviti’s Joe Kornik about people and the future of work.
2021 Auditor Market Share of Registered Investment Advisers
A registered investment adviser (RIA) is an individual or firm who manages and advises investment portfolios. In this analysis, Audit Analytics takes a closer look at the audit firm market share of registered investment advisers broken down by U.S. region.
Recommended Resources
This list of recommended resources from the web may be of interest to you. Click each link to learn more.
- PCAOB Prioritizes Two Standard-Setting Projects
- The Ripple Effect of Supply Chain Disruption on Budgeting and Forecasting: Think Flexible and Long-Term
- Ask a CCO: Pressing Pain Point in Working With Data for Compliance