This page contains many of the sample checklists & questionnaires that are available on KnowledgeLeader. These checklists & questionnaires are all provided in downloadable versions so they can be repurposed for use in your organization.
Select one of the areas below to view summaries of these checklists & questionnaires, or click to view the full list by Date, Title, or by Topic.
Risk Oversight and Risk Management Questionnaire
Risk oversight and risk management are a high priority on the agenda of most organizations. The purpose of this questionnaire is to help boards and management think about how they can develop a deeper knowledge of the risk oversight and risk management processes, understanding both the current state and desired future state.
Managing Corruption Risk – Questionnaire
Anti-corruption has become a major global initiative. Still, it is naïve to expect that legislators, regulators, international trade organizations and other parties can eradicate customs and behaviors that have evolved over many centuries. This board of directors and management questionnaire focuses on corruption risk, the Foreign Corrupt Practices Act (FCPA) and other key considerations.
IT Planning Questionnaire
Technology is permeating virtually every aspect of business today. The purpose of this questionnaire is to help organizations think about how they can develop a deeper knowledge of the IT infrastructure and processes, to understand both the current state and desired future state.
International Human Resources Audit Checklist
The checklist outlines key consideration for an international human resources audit.
Risk Oversight and Risk Management Questionnaire
Risk oversight and risk management are a high priority on the agenda of most organizations. The purpose of this questionnaire is to help boards and management think about how they can develop a deeper knowledge of the risk oversight and risk management processes, understanding both the current state and desired future state.
System Development Life Cycle Questionnaire
This document is to serves as a pre-implementation checklist covering key system development life cycle areas to be considered by the project team.
System Development Controls Questionnaire
This questionnaire lists internal controls to consider when reviewing the system development process. The format of the questionnaire allows you to check off whether the control is in place, and to document verification procedures and exceptions.
Recruitment Process Interview Questionnaire
This document focuses on the recruitment process and provides questions to consider when developing process documentation.
Entity Level Controls - Control Environment Questionnaire
The control environment provides an atmosphere in which people conduct their activities and carry out their control responsibilities. It is the foundation for all other components of internal control, providing discipline and structure. This excel-based template provides a number of COSO elements and the related control objectives for entity-level controls. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies.
IT Application Security Questionnaire
The questionnaire is designed for the IT application security process. It addresses topics such as access control mechanisms within the application, how users are identified, application security, password length, password history, new user access, user access change, standard access termination, and non-standard access termination.
Supply Chain Risk Questionnaire
The reality of today’s business environment is that the enterprise has no boundaries. Accordingly, the appropriate risk assessment approach applied to operational risks suggests the need for an end-to-end, extended enterprise view of the value chain; looking upstream to supplier relationships as well as downstream to channels. This document offers several questions to consider when evaluating supply chain risk.
IFRS Conversion Questionnaire
The cost, effort and length of time required to convert to IFRS depend on several important factors and will vary for each organization. In evaluating these variables, consider the questions posed in this document.
Positioning the Chief Risk Officer for Success – Questionnaire
When it is appropriate for a chief risk officer (CRO) or an equivalent senior risk executive to be in place, both the board of directors and management – not to mention the company’s shareholders – have a stake in that executive’s success. Organizations should assess whether the executive, as well as risk management in general, is positioned to be successful in the organization.
Accounts Payable – Preliminary Controls Assessment Questionnaire
This is an example of a preliminary assessment questionnaire that can be presented to managers or process owners before conducting an accounts payable audit. It is intended to help the internal audit department understand existing accounts payable business processes and management's view of the internal control environment.
IT Risk Assessment Survey Questionnaire
This questionnaire is for conducting an IT risk assessment. It covers topics appropriate for all levels of IT management, including: educate and train users; assess and manage IT risks; and IT strategic planning.
Business Continuity Compliance Questionnaire
This questionnaire helps organizations assess the adequacy of their business continuity program.
Setting the Audit Committee Agenda - Board of Directors and Management Questionnaire
This questionnaire offers topics to consider when setting the audit committee agenda to better manage change.
Supply Chain Risk Questionnaire
The reality of today’s business environment is that the enterprise has no boundaries. Accordingly, the appropriate risk assessment approach applied to operational risks suggests the need for an end-to-end, extended enterprise view of the value chain. This requires looking upstream to supplier relationships, including strategic suppliers, as well as downstream to channels, customer relationships and the ultimate end users. This document offers several questions to consider when evaluating supply chain risk.
Board of Directors Personal Liability Risk – Questionnaire
Now more than ever, as the risk of personal liability rises, independent directors must take every precaution to protect themselves. Following the enactment of the Sarbanes-Oxley Act – and with bankruptcy filings currently at a 50-year high – independent directors are becoming a target for shareholders, management, creditors and regulatory agencies as evidenced by a recent increase in litigation against them. This questionnaire focuses on actions directors should take to reduce the risk of personal liability when an organization is in financial distress.
IIA Standards Questionnaire
Given The IIA’s International Standards for the Professional Practice of Internal Auditing effective January 1, 2009, boards of directors and their audit committees evaluate how these changes impact the internal audit function and the organization. These questions focus on topics such as external quality assurance reviews, CAE interaction with the board, and risk management.
IIA Standards Compliance Checklist
This checklist, which is derived from The IIA’s International Standards for the Professional Practice of Internal Auditing, can be used to evaluate the extent to which an organization’s internal audit function complies with the Standards.
Process Map-Flow Chart – Formatting Checklist
This checklist provides a framework for standardizing the format of process maps/flow charts across the organization.
Entity Risks Inherent to Operations – Questionnaire
Risk oversight is a top-of-mind issue for boards today because of the dramatic failures associated with the financial crisis and the unanswered questions around what directors might have done to thwart it. This document includes some suggested questions that boards of directors may consider, in the context and nature of the entity’s risks inherent in its operations.
Business Continuity - IT Process Questionnaire
Business continuity management consists of the processes used by organizations to address unplanned service interruptions. This IT questionnaire can help assess an organization’s business continuity planning strategy. It includes questions on tactical alignment, business processes, technology, results management, human capital, stability and reliability. It also focuses on the continuance, recovery, and eventual restoration of critical business functions to their original conditions prior to service interruptions.
Sarbanes-Oxley Section 404 Beyond Year One of Compliance – Audit Committee Questionnaire
For companies that have already complied with Sarbanes-Oxley Section 404 for at least one year, this document contains example questions audit committee members should ask management regarding the company’s assessment approach and overall compliance process.
Ten Common Risk Management Failures – Questionnaire
It is fashionable today to talk about the role of risk management and why risk management fails in any industry. This questionnaire explores 10 common risk management failures and some key indicators that these issues exist within an organization.
Sarbanes-Oxley Section 404 First Year of Compliance – Audit Committee Questionnaire
There is no question that the first year of Sarbanes-Oxley Section 404 compliance requires much effort. During this process, it is important that audit committees ask questions during the inception of the project and throughout the first year of compliance.
The Financial Reporting Risk Profile: Getting Ahead of the Curve – Questionnaire
The financial reporting risk profile (FRRP) is a proactive approach to identifying financial reporting issues and managing them to head off financial statement restatements before they occur, thereby enabling management to better focus efforts on more important matters and reduce reputation risk to an acceptable level. This questionnaire focuses on topics board members and management should consider when discussing FRRP.
IT Application Security Questionnaire
The questionnaire is designed for the IT application security process. It addresses topics such as: access control mechanisms within the application, how users are identified, application security, password length, and password history.
The Changing Corporate Governance Landscape and Its Implications – Questionnaire
Corporate governance requirements established by The Sarbanes-Oxley Act have permanently mandated executive certification of public reports for all registrants. In this environment, companies are feeling greater pressures to take further actions. This questionnaire focuses on what boards and management should do as they work to improve corporate governance.
Executive Certifications: Same Responsibilities, Higher Stakes – Questionnaire
Executive management has always been responsible for the quality and fairness of public reporting. However, under The Sarbanes-Oxley Act of 2002, the risks are higher and the consequences of failure more significant. This questionnaire addresses executive certification requirements.
Inventory Management – Internal Control Evaluation Questionnaire
The questionnaire focuses on evaluating internal controls over the inventory process. It discusses topics such as: analytical procedures, purchasing, safeguarding physical inventory, and distribution.
Enterprise-Level, Process and Technology Issues for Audit Committees – Questionnaire
Without question, we live in a vastly different world than just one year ago and the environment remains dynamic and challenging. This questionnaire provides ideas for boards and their audit committees to consider during times of change. These ideas focus on enterprise-level, process and technology issues.
Technology Risks and Controls: What You Need to Know – Questionnaire
Disclosure and internal controls seem to be commanding the headlines these days, with particular emphasis on complying with Sections 302 and 404 of The Sarbanes-Oxley Act (SOX). This document poses questions to help determine where controls over information technology (IT) fit into the picture; why is IT important; and why management and executives should care.
Staying Focused on Core Business Issues Amid Corporate Governance Compliance – Questionnaire
Companies address a myriad of new corporate governance requirements established by U.S. Congress, the exchanges and regulators. While meeting these requirements, it is equally imperative to address the core business and profitability issues facing the organization, particularly in today’s increasingly demanding global marketplace. This document addresses questions focused on balancing corporate governance and business operational demands.
Section 404 Compliance: Lessons Learned – Questionnaire
Organizations now have years of experience complying with the Sarbanes-Oxley Section 404. Because of this, it is a good time to reflect on lessons learned. This questionnaire focuses on how to improve the compliance process, such as deploying a top-down approach and implementing a risk-based approach.
Building Upon Section 404 Compliance – Questionnaire
In recent years, compliance with Sections 302 and 404 of The Sarbanes-Oxley Act of 2002 (SOX) has commanded the attention of CEOs and CFOs. Many organizations have progressed beyond the first year of SOX compliance to ongoing annual compliance. This questionnaire addresses how organizations can make SOX compliance a sustainable process.
The Expanded Responsibilities of the Audit Committee – Questionnaire
When the SEC adopted rules mandated by the Sarbanes-Oxley Act of 2002, it, among other things, expanded and formalized the responsibilities of audit committees. The major exchanges also weighed in, defining expectations for audit committees. This document suggests keys questions to help the audit committee function effectively.
The Code of Conduct – Laying a Cornerstone for Effective Governance – Questionnaire
If there is one constant for success in a rapidly changing global marketplace, it is the immutable bedrock of an unwavering commitment to ethical and responsible business behavior. This document discusses important questions for boards and management to consider when designing and implementing an effective code of ethics.
Supply Chain Process Appraisal Questionnaire
This document assists with the sales planning and forecasting process by listing various questions for process owners. Questions include: Is there a documented sales planning/forecasting process supported by related policies? Is the company business plan used to drive the sales plan and forecast, and are these plans routinely compared for consistency? And, is the sales planning/forecasting process accountabilities defined in conjunction with a calendar of activities, events, meetings, and so on?
Creating Transparency into Your Largest Risk Exposures – Questionnaire
An organization may have executives or employees willing to take risky bets or engage in activities that may not be in the enterprise’s best interests. This questionnaire focuses on improving transparency into an entity’s most significant risk exposures, with the objective of minimizing the risk of unwanted surprises.
Credit Rating Analysis of Enterprise Risk Management at Nonfinancial Companies: Are You Ready? Questionnaire
S&P continues its initiative to assess quality of enterprise risk management (ERM) at all companies it reviews. The rating agency appears to be tying its historical sensitivity to significant and volatile unexpected losses to the rated entity’s ability to understand such volatility and prudently manage these risks through the application of ERM. This document includes questions management and board members should consider on this topic.
Setting the Audit Committee Agenda – Board of Directors Questionnaire
Good business leaders are aware that the world is changing – dramatically. This questionnaire offers ideas for boards and their audit committee regarding matters they should consider to manage change in the years ahead.
Positioning the Chief Risk Officer for Success – Questionnaire
When it is appropriate for a chief risk officer (CRO) or an equivalent senior risk executive to be in place, both the board of directors and management – not to mention the company’s shareholders – have a stake in that executive’s success. Now is the time for the organization to consider fundamental questions to assess whether the executive, as well as risk management in general, is positioned to be successful in the organization.
Knowing What You Don’t Know – Questionnaire
If the financial crisis has but a single lesson, it is this: what we don’t know can be more important than what we do know. This raises the ultimate rhetorical question, “Do we know what we don’t know?” The reality of today’s environment is that management and the board can never be certain that they know everything they need to know. This questionnaire suggests eight questions for executives and directors to help manage uncertainty.
The Enterprise Risk Assessment Process – Questionnaire
Never has there been a greater need for transparency into the nature and magnitude of risks undertaken in executing the corporate strategy. An effective risk assessment process lays the foundation for management to respond to questions confidently as the business environment remains in a constant state of flux. This questionnaire addresses key issues that boards should consider as they evaluate their confidence in the organization’s enterprise risk assessment process.
Establishing an Effective Complaint and Confidential, Anonymous Reporting Process – Questionnaire
This questionnaire focuses on issues that audit committees and management should consider as they collaborate to comply with the SECs rules pursuant to Section 301 of the Sarbanes-Oxley Act of 2002. Section 301 focuses on establishing an effective complaint and confidential, anonymous reporting process. These requirements are important because the SEC’s rules direct the national securities associations to prohibit the listing of any security of a company that is not compliant with them.
Ethics Audit Checklist
This checklist contains a set of questions that can be used when performing an ethics audit. Topics include: policies and procedures, communication, training, change management, violations, penalties and enforcement.
The Self-Assessment Process: Management’s Tool for Reinforcing Process Owner Accountability – Questionnaire
Self-assessment is a recognized best practice and has been applied to risks and controls for many years. Systematically applied across the organization at the entity and process levels, self-assessment is a pre-determined approach whereby individuals self-review or self-audit the controls for which they are responsible and communicate the results to appropriate management. In response to the upward reporting of process owner assessments, follow-up is taken where necessary. While self-assessment may be limited to financial controls to support SOX compliance, the process is flexible enough to apply to other risk areas, such as compliance with other laws and regulations, and operational effectiveness and efficiency.
Enterprise Risk Management: Practical Implementation Advice – Questionnaire
Many executives have no idea what the value proposition of enterprise risk management (ERM) is. Some executives and directors may even consider ERM a fad or “flavor of the month,” and are just humoring the dialogue wishing it would go away. What leaves many cold on the subject of ERM is the inability to quickly grasp what it is. This document poses practice questions focused on implementing ERM.
Protecting Enterprise Value Through Your Anti-Fraud Program – Questionnaire
A company’s anti-fraud program is an integral part of its corporate governance process and is fundamental to protecting tangible and intangible enterprise value and preserving the reliability of public reporting. This document focuses on key questions for board members and management when evaluating the anti-fraud program.
Conducting Enterprise Risk Assessments That Make a Difference Questionnaire
An important contribution of risk management is to help executives and their boards make better choices during the strategy-setting process. Boards and management need an effective enterprise risk assessment (ERA) process to effectively discharge their responsibilities, especially in today’s rapidly changing environment. This questionnaire focuses on the vital steps in executing an effective ERA, and why integrating these assessments with strategy-setting is important.
IFRS or Country-Specific GAAP: Who’s on First? – Questionnaire
There are many practical issues surrounding the possible future use of IFRS by U.S. public companies or by entities in other countries using a different version of GAAP not conformed to IFRS. This questionnaire considers these issues and the ramifications of transitioning from country-specific GAAP to IFRS.
Electronic Discovery: An Academic Exercise or Your Next Crisis? – Questionnaire
Electronic discovery (or e-discovery) refers to the process by which relevant electronically stored information is produced as evidence when an organization faces legal or regulatory action. This document poses questions for the board and management to reduce the costs, burden and time associated with e-discovery.
Managing Corruption Risk – Questionnaire
Corrupt customs and behaviors have evolved over many centuries. This questionnaire focuses on the management of corruption risk and uses the Foreign Corrupt Practices Act (FCPA) as a framework for this discussion with the board of directors and management.
Managing Outsourcing and Offshoring Risk – Questionnaire
As companies focus on managing their operations in a difficult economic environment, they seek to become leaner and more focused, efficient and effective. This document focuses on questions for board members and management to consider when managing risks related to outsourcing or offshoring business activities.
Public Company Readiness: Getting Ready for Prime Time – Before the Market Does – Questionnaire
When preparing for an initial public offering (IPO), it is vital to pay close attention to the underlying business and IT processes, policies and internal controls. This questionnaire focuses on certain aspects of the IPO preparation process and specific areas management should address – common financial reporting challenges, the close process, Sarbanes-Oxley compliance and IT infrastructure.
Making Internal Audit a Value-Adding Contributor to Economic Recovery – Questionnaire
Organizations are looking to internal audit to provide assurances that existing and emerging risks are identified, monitored and managed so that they can move forward with confidence in executing their business model. These questions explore how internal audit can contribute to organizations as they recover from the crisis and what management and boards should expect from audit going forward.
A Cost Effective Approach to Validating Performance of the Internal Control Structure – Questionnaire
How will your company transition its Section 404 compliance activity from an ad hoc, high-cost project to an ongoing, cost-effective process? This questionnaire focuses on implementing a cost-effective approach to validating the operating effectiveness of ICFR. These questions address management’s assessment process, not the external audit of ICFR.
Achieve Sustainability by Integrating the Section 404 and Section 302 Compliance Process Questionnaire
For most companies, the administrative burden encountered during the first year of Section 404 compliance warranted a fresh look at the overall compliance process. This questionnaire focuses on strategies for integrating compliance activities around Sections 404 and 302 of The Sarbanes-Oxley Act of 2002 with the objective of achieving a sustainable internal control structure.
Deriving Value Out of the Section 404 Compliance Process – Questionnaire
No one is arguing that the oft-stated assertion that the first year cost of complying with Section 404 is sky high. Evidence makes it clear that the administrative burden of compliance is significant enough for most companies to warrant a review of strategies and tactics for maximizing value-add from the compliance process. While the SOX-stated purpose of protecting investors by improving the reliability for public reporting is an important goal, both executive management and directors are asking tough questions. This document provides a sampling of these questions.
Revenue Recognition Questionnaire
The purpose of this questionnaire is to document the revenue recognition review completed by the finance department. It evaluates whether persuasive evidence exists to support revenue recognition, the delivery method scheduled, and that established collection procedures exist.
Audit Committee Charter Review Checklist
This checklist addresses a variety of topics and acts that often fall within the Audit Committee’s responsibilities. It provides a broad framework and a set of activities that can be undertaken by the Audit Committee to achieve appropriate oversight. This document is intended to only be used as a sample guide to understanding and reviewing the current charter.
Human Resources Internal Control Questionnaire
This questionnaire is to be utilized as a checklist of the basic controls for Sections 302 and 404 of the Sarbanes-Oxley Act. This document focuses on the Human Resources function and its associated internal control structure.
Segregation of Duties in Significant Cash Receipts Applications Questionnaire
This form has been designed to highlight potentially conflicting duties performed by one individual which could impact the effectiveness of controls over a cash receipts application.
COSO ERM Diagnostic Questionnaire
The tool can be used in assessing the effectiveness of a company’s ERM process. This tool is organized by the eight components of the COSO ERM Framework and users are prompted to assess senior management’s effectiveness in performing the key elements the eight components and whether or not the activities are integrated into a continuous process.
Segregation of Duties in Significant Cash Disbursement Applications Questionnaire
The following document outlines a set of steps to be followed when reviewing segregation of duties in significant cash disbursement applications.
Global Privacy Analysis Application Questionnaire - System Information Garnering
This questionnaire helps determine whether new technologies, information systems and initiatives or proposed programs and policies meet basic privacy requirements. The purpose of such an initiative is to provide documented assurance that privacy issues have been appropriately identified, adequately addressed or communicated to more senior management for further direction.
Disclosure Committee Questionnaire
The purpose of this questionnaire is to ensure that all necessary quarterly financial reporting disclosures are addressed, and any changes to these disclosures are explained by management.
IT Process Questionnaire – Change Management
The purpose of this IT process questionnaire is to ensure that all changes to IT resources and infrastructure configurations are carried out in a planned and authorized manner. It involves distinct processes both for managing change requests and also for deploying those changes throughout the enterprise.
Data Conversion Compliance Questionnaire
This questionnaire provides an outline for reviewing documentation associated with a data conversion. Sections of the questionnaire include template review observations, documentation review observations, compliance recommendations, and compliance rating.
IT General Controls Questionnaire
IT general controls are critical and central to business processes. This excel-based template provides a number of COBIT areas and the related control objectives for each IT general control. You can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies. This questionnaire has been updated with areas defined in COBIT 4.1.
Reporting and Wrap-Up – Project Checklist
The purpose of this checklist is to assist a project team in ensuring that the administrative elements of wrapping-up an audit project are completed in accordance with company requirements. This checklist covers topics such as holding a closing meeting, drafting the report, and obtaining sign-off on the audit report.
Audit Planning – Project Checklist
The purpose of this checklist is to assist a project team in ensuring that the administrative elements of an audit project are completed in accordance with company requirements. This checklist covers topics such as scope of project, setting project expectations with auditee, and determining which audit tools to use on the project.
Audit Fieldwork – Project Checklist
The purpose of this checklist is to assist a project team in completing the administrative elements of a project in accordance with company requirements. This checklist covers topics such as workpaper requirements, communication protocol, and scheduling the closing meeting.
IT General Controls Scoping Questionnaire
This questionnaire has been designed to facilitate an assessment of existing controls to determine if they align with the IT Governance Institute (ITGI) control objectives. This questionnaire will allow the reviewer to determine which control objectives and illustrative controls are in-scope, and document which control objectives and illustrative controls are currently addressed with existing controls.
Healthcare Industry IT Risk Assessment Questionnaire
The purpose of this tool is to help a healthcare company perform an IT risk assessment. The risk assessment worksheets document IT components, IT processes and IT projects, and provide business process definitions. The assessment also allows the user to configure options, and rank all identified risks automatically.
Sales Order Entry Questionnaire
The purpose of this questionnaire is to document a review of the sales order entry process. This process focuses on evidence of an arrangement, delivery, price and fees, international requirements, and collections.
Finance Process Improvement Project Plan - Accounts Payable
This sample spreadsheet is used to track details associated with financial process effectiveness for the accounts payable process. Data tracked in this spreadsheet includes activities, effort by level (measured in hours), and milestones.
IT Due Diligence Checklist
This checklist focuses on what risks or controls a small company must assess in order to address their IT due diligence practices. Topics covered in this document include: IT management, personnel, and contractors as well as many more.
Finance Process Improvement Project Plan - General Accounting Questionnaire
This is a sample spreadsheet used to track details associated with improving the general accounting process. Data tracked in this spreadsheet includes activities, effort by level (measured in hours), and milestones.
Manual Journal Entries in the Consolidations System
This questionnaire focuses on the financial close process, specifically manual journal entries in the consolidation system. This document includes a process description, key risks, expected key controls, and key questions to ask during this process review.
SOX Process Walkthrough Questionnaire
The purpose of this template is to provide guidance to business units in the performance of walkthroughs associated with Sarbanes-Oxley Act compliance requirements. It may also be used by management in other matters related to the evaluation of internal controls over financial reporting.
IT General Controls Questionnaire
IT general controls are critical and central to business processes. This excel-based template provides a number of COBIT areas and the related control objectives for each IT general control. You can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies. This questionnaire has been updated with topics focused on IT strategic planning; acquire or develop application software; manage changes; and define and manage service levels.
Eliminate Intercompany Transactions and Consolidate Financial Data
This questionnaire focuses on the financial close process, specifically elimination of intercompany transactions and consolidating financial data. This document includes: a process description, key risks, expected key controls, and key questions to ask during this process review.
IT Risk Assessment Survey Questionnaire
This questionnaire is for conducting an IT risk assessment. It covers topics appropriate for IT management and IT executive management. These topics include: Educate and train users; Assess and manage IT risks; and IT strategic planning.
Consolidations System Chart of Accounts Maintenance
This questionnaire focuses on the financial close process, specifically consolidation system chart of accounts maintenance. This document includes: a process description, key risks, expected key controls, and key questions to ask during this process review.
Data Center General Controls Questionnaire: Continuity of Operations
This is the final section of a thirteen part mainframe data center general controls questionnaire. The questionnaire covers data center continuity of operations.
Fixed Assets Process Controls Questionnaire
Fixed assets are important to a company because of their relative permanence in the company’s operations and their use in operating activities. This excel-based template provides a number of business activities and related control objectives for each activity. This questionnaire has been updated with the following: involvement of the purchasing department, presence of a corporate depreciation policy, and monthly financial close procedures.
Data Center General Controls Questionnaire: Telecommunications
This is the twelfth section of a thirteen part mainframe data center general controls questionnaire. The questionnaire covers the management of telecommunications resources.
Data Center General Controls Questionnaire: Hardware and Software Inventory Management
This is the eleventh section of a thirteen part mainframe data center general controls questionnaire. This section covers systems hardware and software inventory management.
Data Center General Controls Questionnaire: Database Administration
This is the tenth section of a thirteen part mainframe data center general controls questionnaire. This section covers systems database administration.
Data Center General Controls Questionnaire: Vendor Support
This is the ninth section of a thirteen part mainframe data center general controls questionnaire. This section covers systems vendor support.
Data Center General Controls Questionnaire: Systems Software Support
This is the eighth section of a thirteen part mainframe data center general controls questionnaire. This section covers systems software support.
Generate Financial Statements and Disclosures
This questionnaire focuses on the financial close process, specifically generating financial statements and related disclosures. This document includes: a process description, key risks, expected key controls, and key questions to ask during this process review.
Data Center General Controls Questionnaire: Application Systems Development and Maintenance
This is the seventh section of a thirteen part mainframe data center general controls questionnaire. This section covers security administration.
Data Center General Controls Questionnaire: Security Administration
This is the sixth section of a thirteen part mainframe data center general controls questionnaire. This section covers security administration.
Analyze Financial Results
This questionnaire focuses the financial close process, specifically reviewing and analyzing consolidated financial information and business segment information. This document includes: a process description, key risks, expected key controls, and key questions to ask during this process review.
Data Center General Controls Questionnaire: Program, Data File, and Transaction Security
This is the fifth section of a thirteen part mainframe data center general controls questionnaire. This section covers program, data file and transaction security.
Upload Data from General Ledger to the Consolidations System
This questionnaire focuses the financial close process, specifically when data is uploaded the general ledger (G/L) to the consolidations system. This document includes: a process description, key risks, expected key controls, and key questions to ask during this process review.
Data Center General Controls Questionnaire: Environmental Controls
This is the fourth section of a thirteen part mainframe data center general controls questionnaire. This section covers environmental controls.
E-Commerce Questionnaire
This is a multi-section questionnaire that can be used, for example, during an internal audit of an E-Commerce organization.
Data Center General Controls Questionnaire: Physical Security
This is the third section of a thirteen part mainframe data center general controls questionnaire. This section covers physical security.
Data Center General Controls Questionnaire: Computer Operations
This is the second section of a thirteen part mainframe data center general controls questionnaire. This section covers Computer Operations.
Data Center General Controls Questionnaire: Organization and Management
This is the first section of a thirteen part mainframe data center general controls questionnaire. This section covers Organization and Management.
Entity Level Controls - Information and Communication Questionnaire
Information and communication is the component of internal control that ensures that pertinent information is identified, captured, and communicated in a form and timeframe that enables people to carry out their responsibilities. This excel-based template provides a number of COSO elements and the related control objectives for entity level controls. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies. The Information Availability, Reliability of IT Systems, and Communications sections have been updated in this questionnaire.
Entity Level Controls - Monitoring Questionnaire
Monitoring is a process that assesses the quality of the entity's internal control performance over time. This excel-based template provides a number of COSO elements and the related control objectives for entity level controls. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies. The Ongoing Monitoring section has been updated in this questionnaire.
Entity Level Controls - Risk Assessment Questionnaire
Risk assessment is the component of the entity’s internal control that involves identifying and analyzing risks internally and externally. Risk assessment is relevant to achieving business objectives as well as objectives related to the preparation of reliable financial statements. This excel-based template provides a number of COSO elements and the related control objectives for entity level controls. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management’s action plan for deficiencies. The Entity-Wide Objectives and Manage Change sections have been updated in this questionnaire.
Entity Level Controls - Control Environment Questionnaire
The control environment provides an atmosphere in which people conduct their activities and carry out their control responsibilities. It is the foundation for all other components of internal control, providing discipline and structure. This excel-based template provides a number of COSO elements and the related control objectives for entity level controls. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies. The following sections have been updated in this questionnaire: Integrity & Ethical Values, Commitment to Competence, Board of Directors or Audit Committee, Organizational Structure, Assignment of Authority & Responsibility.
Fixed Assets – Preliminary Controls Assessment Questionnaire
This is an example of a preliminary assessment questionnaire that can be presented to managers or process owners before conducting a fixed asset audit. It is intended to help the internal audit department understand existing business processes involving fixed assets and management's view of the internal control environment. This document has been updated with items such as: fixed asset system change management, capital expense policy, and periodic review of depreciation expense.
Service Level Agreement Controls Interview Questionnaire - IT
The purpose of this interview questionnaire is to assess the IT processes associated with a Service Level Agreement (SLA). The questionnaire addresses topics such as identifying critical systems, applications, and services; change services; and continuity planning.
Monthly Financial Close Process Checklist
The purpose of this checklist is to document the activities performed as part of the monthly financial close process at a company. For each step covered in this checklist, users are encouraged to document the responsible person, date due, and whether the task has been completed and reviewed. This tool has been updated with additional general financial close procedures and steps related to recording fixed assets.
Employee Termination Checklist
This checklist outlines steps to follow when an employee stops working for a company. These steps should be modified to reflect each organization’s employee termination process.
Employee New Hire Checklist
This checklist outlines steps to follow when a new employee starts working with a company. These steps should be modified to reflect each organization’s new hire orientation process.
Employee Expense Reimbursement Process Review Checklist
Internal Audit can use this checklist when reviewing whether the employee expense reimbursement process is conducted according to the company’s Travel & Expense Policy. Deviations from the established policy could result in unauthorized reimbursements and/or additional costs for the company. Updates made to this checklist include steps to gain an understanding of the current reimbursement policy and process.
Due Diligence Checklist – Example 2
The purpose of this document is to provide a list of items to consider when performing due diligence on a potential acquisition. This checklist is intended to be a list of financial items to consider during this process. This list should be customized to fit the nature of the acquisition process.
Linux Audit Checklist
This checklist is to be used to audit a Linux environment. It attempts to provide a generic set of controls to consider when auditing a Linux environment, and does not account for the differences between the different Linux distributions on the market (e.g. Red Hat, Caldera, Mandrake, etc.).
Oracle Baseline Security Checklist
This checklist contains detailed steps to undertake to check the security of systems using Oracle, from checking and installing the latest patches, to ensuring privileges are restricted and access is correctly controlled.
Process Integration Checklist
The purpose of this checklist is to facilitate the merging of company subsidiary divisions and their duplicate processes. Included are guidelines for this facilitation process and topics to address during scheduled meetings.
Sun Solaris Security Checklist
This checklist contains detailed steps to undertake to check the security of systems running the Sun Solaris operating system, from checking and installing the latest patches, to ensuring all permissions are correct and system accounts are protected.
Red Hat Linux Security Checklist
This checklist contains detailed steps to undertake to check the security of systems running the Red Hat Linux operating system, from checking and installing the latest patches, to ensuring all permissions are correct and system accounts are protected.
Audit Planning and Scoping Checklist
This checklist should be used when planning the nature, timing and extent of work on an individual audit assignment where the design effectiveness and/or operational effectiveness of any business process is to be examined. It should be used in connection with a planning and scoping memorandum template to prepare detailed instructions for the work.
IBM AIX Security Checklist
This IBM AIX security access control checklist includes detailed information on ways to reduce the security exposure so that the specified expected result is obtained.
Service Level Agreement Controls Interview Questionnaire – IT Help Desk
The purpose of this interview questionnaire is to assess the IT Help Desk process associated with a Service Level Agreement (SLA). The questionnaire addresses topics such as documentation of IT calls, follow-up communication with end users, and meeting end user needs.
Acquisition Closing Checklist
The purpose of this checklist is to document the activities performed as part of the acquisitions/new business development process by a company. The steps covered in this checklist focus on pre-acquisition activities, performing due diligence, post acquisition activities, and management approval.
Entity-Level, IT, and Business Process Controls Questionnaires
Entity-level controls are the foundation for internal control, providing discipline and structure to the organization. IT general controls have a pervasive effect on the reliability, integrity and availability of processing and relevant data. Business process controls provide structure to generate revenue, account for costs incurred, and ultimately report on the financial state of the organization. These excel-based templates provide you the opportunity to document items such as whether these controls exists; whether they are designed properly; related test procedures; and management action plan for deficiencies. These questionnaires are intended to help you comply with corporate governance requirements.
Entity-Level Controls – Fraud Questionnaire
Fraud prevention is essential to set the right tone for an effective internal control framework. This excel-based template links the COSO components to a number of control objectives for entity-level fraud controls. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and the management action plan for deficiencies.
ITIL/COBIT Problem Management Checklist
This is the second of two checklists that can be used to ensure that all non-standard operational events (incidents, errors and problems) are identified, recorded, analyzed and resolved through the use of a suitable problem management system. COBIT Delivery Standard 10 – Manage Problems and Incidents, identifies objectives for managing problems and incidents. The specific objectives listed in this checklist can be mapped onto relevant IT Infrastructure Library (ITIL) activities. The second checklist deals with problem management.
ITIL/COBIT Incident Management Checklist
This is the first of two checklists that can be used to ensure that all non-standard operational events (incidents, errors and problems) are identified, recorded, analyzed and resolved through the use of a suitable problem management system. COBIT Delivery Standard 10 – Manage Problems and Incidents, identifies objectives for managing problems and incidents. The specific objectives listed in this checklist can be mapped onto relevant IT Infrastructure Library (ITIL) activities. The first checklist deals with incident management.
User Relationship With IT Management: Equipment Acquisition Procedure Assessment Questionnaire
An improperly established relationship between IT and users poses the risk that users may lack guidance on acquiring information processing tools. The objective of the questionnaire is to determine whether adequate procedures are in place for acquiring hardware and software.
User Relationship With IT Management: User Group Assessment Questionnaire
An improperly established relationship between IT and users poses the risk of ineffective organizational infrastructure. The existence and effectiveness of a user group will determine the level of risk within an organization. This questionnaire helps assess the effectiveness of a user group.
User Relationship With IT Management: User Computing Standards Assessment Questionnaire
An improperly established relationship between IT and users poses the risk that there may be inadequate user computing standards. Users may experience unnecessarily long learning curves because user computing standards and procedures are not adequately enforced. The objective of this questionnaire is to define adequate control procedures and to determine whether those procedures are in place.
User Relationship With IT Management: User Security Procedure Assessment Questionnaire
An improperly established relationship between IT and users poses the risk that there may be inadequate user security procedures. The objective of the questionnaire is to define adequate control procedures and to determine whether those procedures are in place.
User Relationship With IT Management: Corporate Data Use Assessment Questionnaire
An improperly established relationship between IT and users poses the risk that users may make ineffective use of corporate data. Users are either unable to access corporate data or that data is not used effectively. The objective of this questionnaire is to define adequate control procedures and to determine whether those procedures are in place.
User Relationship With IT Management: User Satisfaction Assessment Questionnaire
An improperly established relationship between IT and users poses the risk that users may be dissatisfied with the central IT function. This questionnaire helps to determine whether users are not getting the type of service desired, and whether communication of this dissatisfaction is inadequate.
User Relationship With IT Management: User Knowledge Assessment Questionnaire
An improperly established relationship between IT and users poses the risk that users may have inadequate knowledge of IT systems. Users may require more technical knowledge to use the available technology efficiently, effectively, and economically. The objective of this questionnaire is to assess whether users have the systems knowledge they need to be effective.
Information Security Risk Assessment Questionnaire, based on ISO/IEC 27002:2005
This checklist is designed to assist in reviewing and documenting the risk profile of your organization’s information processing activities. The checklist contains ten sections, in accordance with ISO/IEC 27002:2005.
Medical Clinic Operational Processes Questionnaire
This sample questionnaire can be used when performing an audit of a medical clinic’s operational processes. It is intended to help an internal audit department complete a baseline compliance review of these activities. Questions focus on topics such as maintenance of patient medical records, patient relations, physician consultation practices, and storage of medical equipment.
Control Design Effectiveness Review Checklist
This excel-based template provides an example of how to review control design effectiveness to ensure the control mitigates the associated risk. You would use this review process sheet to document the reviewer’s comments and associated response. The excel form also provides guidance in designing controls to address financial reporting assertions.
Medical Records Documentation Checklist
This sample checklist can be utilized when performing an audit of medical records documentation. It is intended to help an internal audit department understand the existing documentation process related to medical records. Items of review include the filing system used, document retention, and training materials.
Information Technology General Controls - Preliminary Controls Assessment Questionnaire
This is an example of a preliminary assessment questionnaire that can be presented to managers or process owners before conducting an information technology general controls (ITGC) audit. It is intended to help the internal audit department understand existing business processes involving ITGC and management's view of the internal control environment.
Financial Close Process Controls Questionnaire
The financial close process is important to a company as it is the function directly related to producing company financial results for each period end. This excel-based template provides a number of business activities and related control objectives for each activity. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies.
Medical Records, Coding, and Billing Processes Compliance Questionnaire
This sample questionnaire can be utilized when performing an audit of medical records, coding, and billing compliance processes. It is intended to help an internal audit department understand the existing process related to medical records, coding and billing and assess the compliance of these processes. Questions focus on topics such as policies and procedures, records management, and training in billing techniques.
Detailed Medical Record Review Questionnaire
This is an example medical record review questionnaire that can be utilized when performing a healthcare audit. It is intended to help an internal audit department understand the existing process related to medical records management and assess the compliance of this process.
Financial Reporting and General Ledger Control Self Assessment Questionnaire
This is an example of a self assessment questionnaire that can be presented to managers or process owners before conducting an audit. It is intended to help the Internal Audit department understand existing controls around financial reporting and general ledger processes.
SOX Testing Review Checklist
This excel-based template provides an example of how to review SOX testing documentation. You would use this review process sheet to document the reviewer’s comments and tester’s response. The excel form allows you to record comments related to the test plan, test execution, and documentation format.
Budget – Preliminary Controls Assessment Questionnaire
This is an example of a preliminary assessment questionnaire that can be presented to managers or process owners before conducting an audit of the budget process. It is intended to help the internal audit department understand existing business processes and management's view of the internal control environment.
General Threat Questionnaire
This risk assessment questionnaire can be used to identify the failure scenarios, likelihood, and severity of over 100 environmental, man-made, business, and IT risks.
Billing, Accounts Receivable, Credit, and Collections – Preliminary Controls Assessment Questionnaire
This is an example of a preliminary assessment questionnaire that can be presented to managers or process owners before conducting an audit of the billing, accounts receivable, credit, and collections process. It is intended to help the internal audit department understand existing business processes and management's view of the internal control environment.
Accounts Payable – Preliminary Controls Assessment Questionnaire
This is an example of a preliminary assessment questionnaire that can be presented to managers or process owners before conducting an accounts payable audit. It is intended to help the internal audit department understand existing accounts payable business processes and management's view of the internal control environment.
Enterprise Risk Management Interview Questionnaire
The ultimate goal of Enterprise Risk Management (ERM) is to evaluate total returns relative to total risks, leading to more informed business decisions. This questionnaire can be used when assessing an organization’s enterprise risk management strategy. It focuses on the internal environment, objective setting, event identification, risk assessment, risk response, control activities, and information and communication.
Payroll – Preliminary Controls Assessment Questionnaire
This is an example of a preliminary assessment questionnaire that can be presented to managers or process owners before conducting a payroll audit. It is intended to help the internal audit department understand the existing business processes and management's view of the internal control environment.
System Implementation Risk Assessment Questionnaire
This questionnaire helps to assess the risks involved in the implementation of any new or updated software application.
Control Self-Assessment Questionnaire
In complying with the Sarbanes-Oxley Act, it is management’s responsibility to design, adhere to and monitor the significant operating and financial controls of the organization. This short self-assessment questionnaire has been designed to obtain management’s input in order to establish a common understanding of the level of control of an organization or department.
Implementation Review Scoping Checklist
This checklist assists with the scoping of an application controls review and/or implementation review that covers both pre- and post-implementation procedures. The primary goal is to identify those areas that Internal Audit will focus on during the implementation.
Tax Compliance Process Internal Control Questionnaire
The purpose of this questionnaire is to assess the internal controls related to a company’s tax compliance process. This document outlines sample tax compliance controls and assists in identifying if the control is in place.
IT Application Control Deficiency Decision Process Questionnaire
This questionnaire serves as a guide in determining the severity of control application deficiencies cited during the SOX control testing process. The results of this process are used to determine potential significant deficiencies/material weaknesses. Topics in this questionnaire assist management in assessing IT application controls.
IT Infrastructure Control Deficiency Decision Questionnaire
This questionnaire can be used as a guide to determine the severity of any deficiencies cited during the control testing process. A SOX control deficiency assessment can be completed using this information and other information provided by management in reaching its decision.
Business Control Deficiency Decision Process Questionnaire
This questionnaire serves as a guide in determining the severity of deficiencies cited during the SOX control testing process. The results of this process are used to determine potential significant deficiencies/material weaknesses. Topics in this questionnaire include compensating controls and deficiencies that may be symptomatic of a larger issue or theme.
Chief Audit Executive IT Control Checklist
Chief Audit Executives can use this checklist to examine their IT control framework to ensure the organization has addressed all control elements. The checklist can help the CAE understand the issues and plan for full internal audit coverage of the control areas.
Audit Committee Self-Assessment Checklist
The self-assessment process is an important exercise for audit committees to complete as they are responsible for important activities such as the quality and integrity of a company’s accounting practices and controls and compliance with legal and regulatory requirements. This is a sample self-assessment checklist for audit committees to use when evaluating their current involvement in a company’s control environment.
SOX Policy Evaluation Checklist
Policies are an important part of the internal control over financial reporting evaluation process. This is a sample checklist to use when identifying the availability and status of company policies associated with the financial reporting process. This tool also assists with organizing policies by financial statement, area of significance, and financial statement element.
Treasury Process Controls Questionnaire
The treasury process is important to a company because it is the function overseeing the cash flow of the company’s operations and its use related to payments, receipts, and investments. This excel-based template provides a number of business activities and related control objectives for each activity. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies.
End-of-Audit Feedback Survey Questionnaire
This questionnaire can be distributed at the end of an internal audit project. It communicates a department’s commitment to providing the highest quality services and helps manage expectations. The feedback can be used to improve service and identify important areas of focus for future internal audit projects.
Payroll Process Controls Questionnaire
The payroll process is important to a company as it is the key to compensating employees for the contributions to the company’s operations and generation of revenues. This excel-based template provides a number of business activities and related control objectives for each activity. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies.
Self-Assessment Checklist
Self-assessments are intended to help the internal audit department understand existing business processes and understand management's view of the internal control environment. This is a sample checklist to follow when issuing self-assessment questionnaires to managers or process owners. Items in the checklist include self-assessment set-up processes, issuing the self-assessment, compiling the results, and reporting to management.
Inventory Management Control Questionnaire
Inventory is an important asset for many companies as it is often a large asset on the company’s financial statements and represents a source of revenue in the near future through sales of the goods. This excel-based template provides a number of business activities and related control objectives for each activity. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies.
Revenue Process Control Questionnaire
Revenue process controls are important to financial reporting because this process measures the accomplishments of the operating activities of a company. This excel-based template provides a number of business activities and related control objectives for each activity. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies.
Expenditure Process Control Questionnaire
Expenditure process controls are important to financial reporting as this process focuses on costs companies incur while delivering goods, rendering services, or other activities that are central to the company’s operations. This excel-based template provides a number of business activities and related control objectives for each activity. Within the questionnaire you can document items such as whether the control exists; whether it was designed properly; related test procedures; and management action plan for deficiencies.
Internal Audit Client Satisfaction Questionnaire
This questionnaire is intended to be sent to relevant departments upon completion of work performed by internal audit. This tool contains a sample email providing instruction on completing the questionnaire. The questionnaire contains drop-down menus with pre-populated answers to assist in the questionnaire reporting process.
Hazard Assessment Checklist and Corrective Action Report
This checklist is to be used when conducting periodic hazard assessments. If any deficiencies are found, the corrections should be recorded using the Corrective Action Report following the checklist.
Entity Level Documentation Request Checklist
The COSO Internal Control - Integrated Framework requires that risks and controls be assessed at both the entity level and the process level. Entity level controls address the “tone at the top” and include items such as ethics programs, investigation protocols, and IT infrastructure controls. Adequate evidence of the entity level controls should be accumulated to support management’s assertions. One of the ways to gather such evidence is to review the corporate documentation that supports that these entity level controls are in place. This checklist provides a template in which to track the availability and status of such entity level control documentation.
Close The Books – Preliminary Controls Assessment Questionnaire
This is an example of a preliminary assessment questionnaire that can be presented to managers or process owners before conducting an audit. It is intended to help the internal audit department understand existing business processes and management's view of the internal control environment.
Closing Out Year One: SOX Best Practice Checklist
This checklist provides a list of SOX considerations for companies gearing up SOX efforts in 2005 and those continuing their second year of compliance. The checklist offers advice on topics such as project management, project details, and committees. Using this type of checklist will facilitate moving SOX compliance efforts towards best practice.
Audit Work Paper Quality Review Checklist
This checklist provides guidance on how to prepare audit work papers to ensure quality and clarity. The checklist identifies organizational tasks, required information, and formatting that should be complete prior to submitting audit work papers for review. Using this type of checklist will facilitate the review process performed by superiors or management.
Tax Process: Objectives and Control Checklist
This self-assessment checklist is intended to be used as a preliminary checklist before an audit. It gives the auditee an opportunity to inform internal audit about controls and processes they employ, and it also gives the auditee ideas about other controls and processes that may be appropriate.
Documentation - 404 Readiness Checklist
This checklist can be used to evaluate the adequacy of Section 404 process documentation prior to submitting it to the external auditor for review and prior to creating testing plans.
Test Documentation Validation Checklist
This checklist provides guidance on how to track documentation related to tests of controls. It focuses on examples of documentation needed to complete tests of controls, a template to record the completeness and accuracy of the documentation received, and areas to track missing required documentation and sampling requests made to the client.
General IT Controls Review: Password Questionnaire
Consider the best practice items in this questionnaire when assessing your user password standards.
Update Testing – Control Self Assessment Questionnaire
This questionnaire has been designed to facilitate an assessment of whether the controls within a business unit are currently operating effectively. To meet the guidelines of Section 404 requiring management attestation as of a company’s fiscal year-end, this questionnaire is used to identify any changes that have occurred or are planned prior to year-end. Questions in this tool focus on verifying that process documentation is complete and accurate, all key internal controls and key information systems have been identified, and all areas within a business unit that are relevant to Sarbanes-Oxley have been identified.
Sarbanes-Oxley Walkthrough Checklist
The purpose of this checklist is to provide guidance to help a process owner prepare for a process walkthrough. It also includes post-walkthrough questions to help the process owner document any questions or issues raised.
Payroll Best Business Practice Checklist
This checklist contains a set of questions that can be used to determine the extent to which various best business practices are being followed in the area of payroll. The answers to these questions will help to determine areas for improvement.
Month-End Close: Best Business Practice Checklist
This checklist contains a set of questions that can be used to determine the extent to which various best business practices are being followed when performing a month-end close. The answers to these questions will help to determine areas for improvement.
AML Audit Checklist
The USA PATRIOT Act requires that all financial institutions maintain an anti-money laundering (AML) program that is tested by independent auditors. This audit checklist is intended to assist financial institutions in preparing for the independent tests of their AML programs. It identifies areas that are generally within the audit scope, and lists the types of information that the auditors will likely request.
Cash Receipts/ Collections Best Business Practice Checklist
This checklist contains a set of questions that can be used to determine the extent to which various best business practices are being followed in the areas of Collections and Cash Applications. The answers to these questions will help to determine areas for improvement.
Billing Best Business Practice Checklist
This checklist contains a set of questions that can be used to determine the extent to which various best business practices are being followed in the area of billing. The answers to these questions will help to determine areas for improvement.
Accounts Payable Best Business Practice Checklist
This checklist contains a set of questions that can be used to determine the extent to which various best business practices are being followed in the area of accounts payable. The answers to these questions will help to determine areas for improvement.
Internal Audit Department Best Practice Evaluation Worksheet
This evaluation worksheet for internal audit departments provides a checklist of best practice suggestion for five components of an internal audit function: roles & structure, people, process, technology, and knowledge.
Handheld Devices Checklists
These checklists help ensure handheld devices are correctly configured and used, and provide assistance in performing audits of environments containing handheld devices.
Sarbanes-Oxley Act and Proposed NYSE Listing Standards Compliance Checklist
This compliance checklist provides a summary of the Sarbanes-Oxley Act requirements, final and proposed SEC rules, and the corporate governance standards proposed by the New York Stock Exchange. It includes a disclosure-only checklist, which identifies new and proposed SEC disclosure requirements.
Office Relocation: IT Checklist
This checklist can be used by IT and telecom personnel when planning an office relocation. It gives the planner an opportunity to inform internal audit about controls and processes employed to minimize the risk of a move; and also suggests other controls and processes that may be appropriate.
>> Sign up now for a 30-day free trial or an annual subscription.
Find out more about our subscription prices and group discounts.
If you have any questions please contact us.