KnowledgeLeader Blog

The Best of KnowledgeLeader: September Edition 2017

Posted by Sharise Cruz on Fri, Sep 15, 2017 @ 03:59 PM

In case you missed them, these were the five most popular tools and publications on KnowledgeLeader last month:


1. Internal Controls Checklist

This checklist sample provides a list of items to consider when assessing internal controls for common business processes.

It focuses on accounts receivable and sales controls, accounts payable controls, accrued liabilities and other expenses controls, cash disbursement controls, cash funds controls, cash receipts controls, general accounting controls, fixed-assets controls, intangibles controls, inventory and cost of sales controls, investments controls, long-term liabilities controls, notes receivable controls, payroll controls, prepaid expenses and deferred charges, and shareholders’ equity controls.





2. Internal Audit Risk Assessment Questionnaire

Internal audit performs this risk assessment to identify and prioritize key risks to best allocate the internal audit resources for the next year. This risk-based approach is focused on surveys/interviews of a cross-section of management personnel to solicit input from the potential customers of an internal audit function. The output from the surveys and interviews can be used to develop an audit plan that creates broad coverage through a blend of internal audits, control self-assessment and targeted external audit coverage.










3. Process Classification Scheme (PCS)

The Process Classification Scheme (PCS) is a framework that helps organize information about a company, according to relevant business and/or industry processes, and defines the individual functions of a business that should take place at the strategic, operational and tactical levels. Depicting each function as a defined process or sub-process helps promote a common language and provides a “roadmap” to help identify processes and related risks and potential controls that may be applicable to the organization. Note: The PCS is not an all-inclusive list of existing business processes. Companies should customize the PCS (processes and associated sub-processes) to fit the facts, circumstances and culture of the organization.


4. Cybersecurity Audit Report

This report presents the results of the vulnerability assessments and penetration testing that security specialists performed on a company’s external and internal facing environment. The intent of the project was to review the security posture of the company’s network, devices, and applications accessible from the Internet. The scope of the review was limited to specific target dates and agreed upon target systems. This sample summary report is designed to deepen understanding of the level of security, to identify security deficiencies and areas of strengths and weaknesses, and to help develop an action-plan to correct vulnerabilities and mitigate the associated risks.

The report also documents known vulnerabilities that were detected during the penetration test period; new devices, configuration changes and new/future vulnerabilities were not tested.


5. Protiviti Risk Model

The Protiviti Risk Model is a comprehensive organizing framework for defining and understanding potential business risks and creating and managing the organization’s dynamic risk universe. Boards of directors and management can use this tool to assess and monitor strategic risks impacting the organization. The model focuses on three different types of risks: environment risk, process risk and information for decision-making risk. 

Topics: KnowledgeLeader articles, KnowledgeLeader tools, KL top five

Add a Comment:

Subscribe to Our Blog

About KnowledgeLeader

KnowledgeLeader, provided by Protiviti, is the premier resource for internal audit and risk management professionals.

With over 1,400 customizable tools and 1,300 articles by industry experts, we offer the most comprehensive service on the market.

For more information:

 Tour the Site

Recent Posts

Posts by Topic

see all