(e) Title V: Analyst Conflicts of Interest 72
(f) Titles VI through X: Fraud Accountability and White-Collar Crime 72
(g) Title XI: Corporate Fraud Accountability 74
4.2 Performing Section 404 Reviews under AS 5 75
(a) Section 404 Internal Controls Assessments Today 75
(b) Launching the Section 404 Compliance Review 76
4.3 AS 5 Rules and Internal Audit 84
4.4 Impact of the Sarbanes-Oxley Act 87
Notes 87
6.4 Other Dimensions of COSO ERM: Enterprise Risk Objectives 142
(a) Operations Risk Management Objectives 142
(b) Reporting Risk Management Objectives 143
(c) Legal and Regulatory Compliance Risk Objectives 143
6.5 Entity-Level Risks 145
(a) Risks Encompassing the Entire Organization 145
(b) Business Unit-Level Risks 145
6.6 Putting It All Together 146
6.7 Auditing Risk and COSO ERM Processes 146
6.8 Risk Management and COSO ERM in Perspective 147
Notes 149
8.2 Content of the IIA Standards 187
(a) Internal Audit Attribute Standards 188
(b) Internal Audit Performance Standards 191
8.3 Codes of Ethics: The IIA and ISACA 196
Notes 198
11.3 Launching the CSA Process 255
(a) Performing the Facilitated CSA Review 257
(b) Performing the Questionnaire-Based CSA Review 259
(c) Performing the Management-Produced Analysis CSA Review 261
11.4 Evaluating CSA Results 261
11.5 Benchmarking and Internal Audit 262
(a) Implementing Benchmarking to Improve Processes 263
(b) Benchmarking and the IIA's GAIN Initiative 265
11.6 Better Understanding Internal Audit Activities 269
Notes 269
CHAPTER 14 Understanding Project Management 305
14.1 Project Management Processes 305
(a) Project Management Book of Knowledge 306
(b) Developing a Project Management Plan 310
14.2 PMBOK Program and Portfolio Management 311
14.3 Organizational Process Maturity Model 315
14.4 Using Project Management for Effective Internal Audit Plans 318
14.5 Project Management Best Practices and Internal Audit 318
Notes 319
17.3 Internal Audit Reporting Cycle 366
(a) Draft Audit Reports 368
(b) Audit Reports: Follow-Up and Summary 371
(c) Audit Report and Workpaper Retention 372
17.4 Effective Internal Audit Communications Opportunities 373
17.5 Audit Reports and Understanding the People in Internal Auditing 376
19.4 Completing the IT Applications Controls Audit 443
(a) Clarifying and Testing Audit Internal Control Objectives 444
(b) Completing the Application Controls Review 448
19.5 Application Review Example: Client-Server Budgeting System 448
(a) Reviewing Capital Budgeting System Documentation 449
(b) Identifying Capital Budgeting Application Key Controls 450
(c) Performing Application Tests of Compliance 451
19.6 Auditing Applications under Development 451
(a) Objectives and Obstacles of Preimplementation Auditing 452
(b) Preimplementation Review Objectives 453
(c) Preimplementation Review Problems 454
(d) Preimplementation Review Procedures 455
19.7 Importance of Reviewing IT Application Controls 459
Notes 459
21.3 CAATT Software Tools 487
(a) Types of CAATTs: Generalized Audit Software 488
(b) Report Generators Languages 489
(c) Desktop and Laptop CAATTs 491
(d) Test Data or Test Deck Approaches 492
(e) Specialized Audit Test and Analysis Software 496
(f) Embedded Audit Procedures 496
21.4 Selecting Appropriate CAATT Processes 501
21.5 Steps to Building Effective CAATTs 501
21.6 Using CAATTs for Audit Evidence Gathering 503
Notes 504
23.7 Other Audit Committee Roles 547
26.3 Other Personal Privacy and Security Legislative Requirements 600
(a) Importance of Storage Tools 655
(b) Data Warehouses and Data Mining 656
(c) Online Analytical Processing 658
29.5 Newer Technologies, the Continuous Close, and Internal Audit 659
Notes 660
32.3 Lean Six Sigma 716
32.4 Auditing Six Sigma Processes 718
32.5 Six Sigma in Internal Audit Operations 719
Note 721
NOTES: