Tools, Trends and Resources for Empowering Audit and Risk Management


The following tools were published on KnowledgeLeader this week:

Risk Culture Guide

For risk management and internal controls to function when a crucial decision-making moment arises, directors and executive management must be committed to making them work. This guide provides auditors with a comprehensive breakdown of the enterprise risk management (ERM) process and risk culture, including definitions, best practices, considerations, objectives and more.

Data Analytics and Mining Guide

Data analytics is the extraction of data from a company’s information system in order to perform data selection, classification, ordering, filtering, translation and other functions to provide meaningful information about business processes. This tool contains two guides that can be used by auditors to understand and review an organization’s data analytics and mining methodologies.

Sarbanes-Oxley Program Implementation Guide

This guide provides procedures, checklists and summaries that can be used to implement changes within an organization’s Sarbanes-Oxley program. It discusses change management types, changes to processes and controls, control change process timelines, changes to control documentation, change history reports, quarterly control checklists, sample checklist reports, additional standard reports, and key roles and responsibilities.

Security Management Capability Maturity Model (CMM)

This capability maturity model can be used to measure the maturity of an organization’s security management process and to assist its progress from the initial/ad-hoc state toward the optimized state. In this sample, an optimized organization’s security classifications are proactively reviewed for critical applications, systems and data.

Code of Business Conduct Policy

Executing a successful code of conduct depends on three key elements: proper definition, effective communication and appropriate warning signals as monitoring tools. This tool contains four sample policies that define best-practice guidelines and procedures for following proper business conduct and ethical guidelines. 

Purchasing Policy

This document contains four sample policies that establish standards and guidelines an organization should follow during its purchasing cycle. A purchasing policy focuses on ensuring quality materials, supplies and services are procured by authorized individuals from authorized suppliers with consideration given to the adequacy of quantities, competitive pricing and timely delivery. 

IT Security Exceptions and Non-Conformance Policy

It is imperative that a company’s global network and its users comply with all information security services (ISS) policies, procedures, standards and guidelines. This policy addresses how exceptions and non-conformance to existing ISS policies, procedures, standards, guidelines, or a federal or state regulation are handled, and outlines a set of policies and procedures governing action to be taken when special circumstances prevent compliance.


KnowledgeLeader has also published several publications this week.

PCAOB Issues Staff Update and Preview of 2022 Inspection Observations

On July 25, 2023, the Public Company Accounting Oversight Board (PCAOB) published its Staff Update and Preview of 2022 Inspection Observations. In this Flash Report, we highlight troubling trends in inspection results and shed light on the PCAOB’s current areas of inspection focus. 

Interweaving the Strands of AI and SOAR Onto the Cybersecurity Mesh

As the digital world grows exponentially, so does the need for robust, scalable and flexible security solutions. In this article, we explore the concept of “cybersecurity mesh,” its criticality in defending digital assets, and how the integration of AI could transform this mesh into an intelligent, proactive and resilient cybersecurity shield.  

Q2 2023 IPO Trends

Initial public offerings (IPOs) have continued to decline in the second quarter of 2023. In total, 34 IPOs raised a combined total of $7.4 billion during Q2. In this article, Audit Analytics takes a closer look at the decline in IPOs during the second quarter of 2023. 

Recommended Resources 

This list of recommended resources from the web may be of interest to you. Click each link to learn more. 

  1. Three Foundational Steps to Help CFOs and Their Companies Get the Upper Hand on Managing ESG Data
  2. Sustainability Still Extrinsic to Many Companies’ Cultures
  3. Quality Management Standards: How to Identify Risks and Design Responses