Download the governance risk and compliance best practices linked in this blog post to properly map risks with controls.
1. IT Governance Capability Maturity Model (CMM)
This capability maturity model can be used to measure the maturity of an organization’s IT governance and to assist its progress from the initial/ad-hoc state toward the optimized state.
2. Chief Risk Officer Job Description
This tool contains three sample job descriptions that outline the responsibilities, key selection criteria and general information for the role of the chief risk officer (CRO).
3. IT Governance Audit Work Program
Organizations looking to conduct an IT governance audit can use the best-practice steps in this work program sample.
4. Corporate Responsibility Audit Work Program
This document contains two sample audit programs that outline general steps organizations can use to perform a corporate responsibility audit.
This tool provides three sample planning memos, which serve as a report of an internal audit function’s high-level assessment of the company’s audit planning process and outline what should be included in an audit planning memorandum.