Tools
The following tools were published on KnowledgeLeader this week:
Process and Controls Change Management Guide
Organizations can use the key roles and responsibilities in this guide to manage changes in their processes and controls. Key roles and responsibilities include: identify areas for scope changes, create a change management action plan and assign it to the corresponding PO, address the action plan in the self-assessment tool, document relevant controls in the self-assessment tool and create process maps.
IT Disaster Recovery Plan Assessment Checklist
This comprehensive tool is designed to help organizations evaluate their existing IT disaster recovery plans. It provides two sample assessment checklists, each with a series of best-practice questions tailored for both regulated entities, like banking or SEC-regulated firms, and non-regulated entities. The first sample focuses on pre-planning, plan development, plan testing and plan maintenance.
Stock Options Audit Report
Analyze your stock option process and related control testing and determine the adequacy of risks and controls with this audit report sample. Recommended solutions covered in this sample include: management should consider implementing a control that someone other than the compensation department is verifying the grant date to the approval date and management should consider implementing a control that someone independent of the process should verify the accuracy of the stock price via a third-party historical database.
Systems and Application Audit Work Program
The purpose of this work program is to provide the general steps used to perform a systems and application audit. Testing examples include systems designs, component integration, interfaces and data conversion routines. Although testing will not prove that the software is completely error free, formalized testing will assist with the identification and eradication of errors while providing a logical and methodical approach to ensuring that a range of scenarios has been examined.
Wire Transfer and Investment Audit Work Program
Use the key steps in this work program to review your company’s electronic funds transfer process, which allows customers to send funds to or from another financial institution. Project work steps include determining that policies, practices, procedures and internal controls regarding funds transfers are adequate and ensuring that employees involved in funds transfers are operating in compliance with established guidelines.
Virus Protection Policy
Protect your company’s computers from viruses and manage virus infestation with the best-practice guidelines and procedures in this tool. Sample procedures include: all email attachments will be checked for viruses by the servers before the messages are delivered to the user and virus updates and file scanning must occur in the background of desktop computers to not disrupt user activities.
Purchasing Bypass Process Policy
Understand the purchasing bypass process policy and its impact on procurement department regulations. According to this policy, the bypass form documents the reason that a purchase order (PO) has been requested after the fact of the start of a service or delivery of goods and allows regular management reporting of these policy exceptions and counseling of individual requestors.
Publications
KnowledgeLeader has also published several publications this week.
Deliver Audit Effective Results Using Project Management Techniques
Although project management is a critical internal auditor competency, you may wonder how project management skills relate to the performance of internal audits. If so, consider the definition of project management: a systematic, structured approach that enables you to plan, direct and control multifaceted tasks that require the contribution and participation of a diverse group of people. This article highlights four essential project management techniques for completing audits and advisory services projects more easily and within budget.
Zebra Technologies: Maintaining Relevance in a Dynamic World
Michael Stent, internal audit vice president at Zebra Technologies, sees a focus on relevance as critical for internal audit’s future and the value the function brings to the larger organization, especially in the dynamic technology industry. In this profile, Stent shares how his team is focused on predictive risk management as an alternative to using historical information to anticipate future risk.
AIR's Jo Ann Barefoot on AI, Automation and the Future of Financial Regulation
Jo Ann Barefoot is CEO and co-founder of the Alliance for Innovative Regulation (AIR), a nonprofit organization working globally to promote a more fair, inclusive and resilient financial system by helping adapt financial regulation for the digital age. In this VISION by Protiviti Interview, Joe Kornik, editor-in-chief of VISION by Protiviti, sat down with Barefoot to discuss AIR, digitization, AI and the future of regtech.
Recommended Resources
This list of recommended resources from the web may be of interest to you. Click each link to learn more.
- Audit Smarter by Reassessing Audit Risk
- Finance Transformation’s Front-End Alignment
- Only 28% of CFOs Say AI Is Critical to Financial Transformation: Report