Wed, Aug 23, 2023

Tools

The following tools were published on KnowledgeLeader this week:

Finance Code of Conduct Policy

This sample policy serves as a code of conduct specific to senior financial officers of a company with the purpose of documenting a clear understanding of roles and responsibilities. Under this policy, a company would adopt a separate finance code of conduct specific to all senior financial officers of the company. The individuals mentioned above are also expected to abide by the company code of conduct that is distributed to all employees. 

Internet and Email Acceptable Use Policy

This policy outlines a set of procedures that provide rules and guidelines for internet and email use within a company. This internet and external email acceptable-use policy (AUP) is developed to help company employees optimize their use of the internet, protect confidential information of the company and others, preserve and enhance the company's image, and minimize costs associated with internet usage.

Record Retention Policy

This tool contains seven sample policies that establish standards and procedures for the retention of electronic and paper records. Because of legal, tax and financial reporting requirements, the company must retain certain financial and nonfinancial records for various lengths of time. It is also important to consider employee access to these documents.

Fixed Assets Audit Work Program

The six work program samples included in this tool highlight detailed procedures to consider when facilitating a fixed assets audit. Sample procedures include obtaining and reviewing the results of the last fixed asset physical and preparing a workflow and/or narrative to document the fixed asset cycle, including an approval process, project overrun identifications, asset additions and project closures, asset disposals, asset transfers, and physical verification of assets.

Business Impact Analysis Facilitation Guide

Business impact analysis (BIA) is the careful study of individual business processes and support functions, as well as the system of business processes in its entirety, to better understand objectives regarding the continuity of operations. In this tool, we’ve compiled a guide that outlines a particular methodology for conducting a business impact analysis.

Sarbanes-Oxley Walkthrough Guidance for General IT Controls

This guide provides auditors with a comprehensive breakdown of a Sarbanes-Oxley walk-through for general IT controls. In this sample, walk-throughs are conducted by the external auditor and are meant to confirm the auditor’s understanding of the processes relevant to financial reporting and the design of relevant controls, confirm key risks and controls that affect financial reporting, and trace a transaction from start to finish. 

Bank Branch Internal Audit Work Program

This document includes a variety of sample work programs that can be used when performing an audit of a bank branch and its processes. The following processes are included within this document: cash, certification of checks, checking accounts and overdrafts, encashment and cash items, general audit, income and expenses, items held on consignment, night deposits, safe deposits, savings, security, unissued checks and money orders, and wire transfers and foreign remittances.

Publications 

KnowledgeLeader has also published several publications this week.

Tech Expert Wayne Sadin on How the C-Suite and Board Can Prepare for the Metaverse

Are the board and the C-suite ready for the metaverse? Protiviti’s Joe Kornik and renowned tech strategist Wayne Sadin offer steps executives should be taking right now to ensure tech success in the future.

Checkmate Humanity: Responsible Metaverse Alliance Founder Talks Ethics, Safety and Governance

Interpol’s Metaverse Expert Group International Advisor Catriona Wallace and Protiviti’s Joe Kornik discuss the metaverse and the responsible use of technology.

SEC Cybersecurity Disclosure Enhancements: Efforts to Boost Investor Confidence

On July 26, 2023, the SEC adopted amendments to its rules on cybersecurity risk management, strategy, governance and incident reporting by public companies subject to the reporting requirements of the Securities Exchange Act of 1934. In this Flash Report, we summarize the SEC’s adopted amendments to its rules on cybersecurity disclosures and provide guidance to public companies that will need to comply with these rules as soon as December 2023. 

Recommended Resources 

This list of recommended resources from the web may be of interest to you. Click each link to learn more. 

  1. Scams Are Surging in the Summer, the IRS Says
  2. Why a Smaller IT Headcount Is Not Necessarily Better: Metric of the Month
  3. ​​​Demystifying Digital Transformation in Finance

 

0 Comments

Topics

Ethics Document Retention Fixed Assets Performance Management/Measurement Risk Assessment

Read More

Ethics Program Best Practices
Document Retention Policy Basics
How to Effectively Audit Fixed Assets