Professional Documents
Culture Documents
Table of Contents
Section 1 Financial Close Process ......................................................................................... 3
Section 2 Entity Level Controls - Control Environment ........................................................... 5
Section 3 Entity Level Controls - Information & Communication............................................. 8
Section 4 Entity Level Controls Monitoring ........................................................................ 10
Section 5 Entity Level Controls Risk Assessment ............................................................. 12
Section 6 Expenditure Process Controls .............................................................................. 12
Section 7 Fixed Assets Process Controls ............................................................................. 17
Section 8 Inventory Management Process Controls ............................................................. 19
Section 9 Payroll Process Controls ...................................................................................... 22
Section 10 Revenue Process Controls ................................................................................. 24
Section 11 Treasury Process Controls ................................................................................. 27
Section 12 SOX Checklist..................................................................................................... 30
ABOUT APPROVA .................................................................................................................. 34
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
Financial
Close
Financial
Close
Financial
Close
Financial
Close
Financial
Close
Financial
Close
Financial
Close
Financial
Close
Financial
Close
10
Financial
Close
11
Financial
Close
12
Financial
Close
System logic prevents journal entries for which debits do not equal
credits.
13
Financial
Close
14
Financial
Close
15
Financial
Close
Ability to
Automate
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
Description of Automation
16
Financial
Close
17
Financial
Close
18
Financial
Close
19
Financial
Close
20
Financial
Close
21
Financial
Close
22
Financial
Close
23
Financial
Close
24
Financial
Close
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
Integrity &
Ethical Values
Integrity &
Ethical Values
Integrity &
Ethical Values
Integrity &
Ethical Values
Integrity &
Ethical Values
Integrity &
Ethical Values
Integrity &
Ethical Values
Integrity &
Ethical Values
Individual compensation awards are in line with the ethical values of the
company, and foster an appropriate ethical tone (e.g., bonuses are not
given to those that meet objective, but in the process circumvent
established policies, procedures, or controls).
Commitment to
Competence
10
Commitment to
Competence
11
Commitment to
Competence
Ability to
Automate
Description of Automation
z
z
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
12
Commitment to
Competence
13
Commitment to
Competence
14
Commitment to
Competence
15
16
17
18
19
Management's
Philosophy &
Operating Style
Management's
Philosophy &
Operating Style
Management's
Philosophy &
Operating Style
Management's
Philosophy &
Operating Style
Management's
Philosophy &
Operating Style
20
Organizational
Structure
21
Organizational
Structure
22
Organizational
Structure
23
Organizational
Structure
24
25
26
27
28
29
30
Assignment of
Authority &
Responsibility
Assignment of
Authority &
Responsibility
Assignment of
Authority &
Responsibility
Assignment of
Authority &
Responsibility
Assignment of
Authority &
Responsibility
Human
Resources
Policies &
Procedures
Human
Resources
Policies &
Procedures
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
31
32
33
34
35
Human
Resources
Policies &
Procedures
Human
Resources
Policies &
Procedures
Human
Resources
Policies &
Procedures
Human
Resources
Policies &
Procedures
Human
Resources
Policies &
Procedures
1
z = Significant opportunities to implement a controls monitoring and audit (CMA) solution
z = Some opportunity to implement a controls monitoring and audit (CMA) solution
z = Little or no opportunity to implement a controls monitoring and audit (CMA) solution
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
Information
Availability
Information
Availability
Information
Availability
Information
Availability
Information
Availability
Reliability of IT
Systems
Ability to
Automate
Description of Automation
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
Reliability of IT
Systems
Reliability of IT
Systems
Reliability of IT
Systems
10
Reliability of IT
Systems
11
Reliability of IT
Systems
The entity has a disaster recovery plan in place that allows for the
timely recovery of information. The disaster recovery plan is tested
regularly and is updated as the business changes.
12
Reliability of IT
Systems
13
Communication
14
Communication
15
Communication
16
Communication
17
Communication
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
Ongoing
Monitoring
Ongoing
Monitoring
Ongoing
Monitoring
Ongoing
Monitoring
Ongoing
Monitoring
Ongoing
Monitoring
Ongoing
Monitoring
Ongoing
Monitoring
Ability to
Automate
z
z
z
z
z
z
z
Description of Automation
CMA solutions can continuously monitor
SOD, Financial Close, Order to Cash,
Procure to Pay, System Configuration,
Sensitive Transactions, and custom
transactions in financial systems to ensure
compliance is met and enforced.
CMA solutions can continuously monitor
SOD, Financial Close, Order to Cash,
Procure to Pay, System Configuration,
Sensitive Transactions, and custom
transactions in financial systems to ensure
compliance is met and enforced.
CMA solutions include remediation workflow
to remediate SOD violations. This
remediation includes applying compensating
controls for exceptions.
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
10
Ongoing
Monitoring
10
Reporting
Deficiencies
11
Reporting
Deficiencies
12
Reporting
Deficiencies
13
Reporting
Deficiencies
14
Separate
Evaluations
15
Separate
Evaluations
16
Separate
Evaluations
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
11
Entity-Wide
Objectives
Entity-Wide
Objectives
Entity-Wide
Objectives
Entity-Wide
Objectives
Activity-Level
Objectives
Activity-Level
Objectives
Risk
Identification &
Management
Risk
Identification &
Management
Risk
Identification &
Management
10
Risk
Identification &
Management
11
Risk
Identification &
Management
12
13
Risk
Identification &
Management
Risk
Identification &
Management
Ability to
Automate
Description of
Automation
z
z
z
z
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
12
14
Risk
Identification &
Management
15
Risk
Identification &
Management
16
Manage
Change
17
Manage
Change
18
Manage
Change
19
Manage
Change
20
Manage
Change
21
Manage
Change
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
13
Purchasing
Purchasing
Purchasing
Purchasing
Purchasing
Purchasing
Purchasing
Purchasing
Purchasing
10
Purchasing
11
Purchasing
12
Purchasing
13
Receiving
14
Receiving
Ability to
Automate
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Description of Automation
CMA solutions can monitor purchase
orders for appropriate approvals.
CMA solutions can monitor master
data and other key fields in purchase
orders.
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
14
15
Receiving
16
Receiving
17
Receiving
18
Receiving
19
Receiving
20
Receiving
21
Receiving
22
23
24
25
26
27
28
Processing
Accounts
Payable
Processing
Accounts
Payable
Processing
Accounts
Payable
Processing
Accounts
Payable
Processing
Accounts
Payable
Processing
Accounts
Payable
Processing
Accounts
Payable
29
Processing
Accounts
Payable
30
Processing
Accounts
Payable
31
Processing
Accounts
Payable
32
Processing
Accounts
Payable
33
34
35
36
Processing
Accounts
Payable
Processing
Accounts
Payable
Processing
Accounts
Payable
Processing
Accounts
Payable
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
15
37
38
39
40
41
42
43
44
45
Processing
Accounts
Payable
Processing
Accounts
Payable
Processing
Accounts
Payable
Maintaining
Vendor
Master File
Maintaining
Vendor
Master File
Maintaining
Vendor
Master File
Maintaining
Vendor
Master File
Maintaining
Vendor
Master File
Maintaining
Vendor
Master File
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
16
Acquiring Fixed
Assets
Acquiring Fixed
Assets
Acquiring Fixed
Assets
Acquiring Fixed
Assets
Acquiring Fixed
Assets
Depreciating
Fixed Assets
Depreciating
Fixed Assets
Depreciating
Fixed Assets
Disposing of
Fixed Assets
10
Disposing of
Fixed Assets
11
Disposing of
Fixed Assets
12
Disposing of
Fixed Assets
13
Managing Fixed
Assets
14
Managing Fixed
Assets
15
Managing Fixed
Assets
Ability to
Automate
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Description of Automation
CMA solutions monitor the
proper security within the
ERP to reduce unauthorized
changes.
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
17
16
Managing Fixed
Assets
17
Managing Fixed
Assets
18
Managing Fixed
Assets
19
20
21
22
Maintaining
Fixed Asset
Register and/or
Master File
Maintaining
Fixed Asset
Register and/or
Master File
Maintaining
Fixed Asset
Register and/or
Master File
Maintaining
Fixed Asset
Register and/or
Master File
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
18
Managing Inventory
Managing Inventory
Managing Inventory
Managing Inventory
Managing Inventory
Receiving and
Storing Raw
Materials
Receiving and
Storing Raw
Materials
Ability to
Automate
z
z
z
11
Requisitioning
Materials
z
z
z
z
z
z
z
z
12
Producing/Costing
Inventory
13
Producing/Costing
Inventory
14
Producing/Costing
Inventory
z
z
10
Receiving and
Storing Raw
Materials
Receiving and
Storing Raw
Materials
Receiving and
Storing Raw
Materials
Description of Automation
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
19
15
Producing/Costing
Inventory
16
Producing/Costing
Inventory
17
Handling Finished
Products
18
Handling Finished
Products
19
Handling Finished
Products
20
Shipping Finished
Products
21
Shipping Finished
Products
22
Shipping Finished
Products
23
Shipping Finished
Products
24
Shipping Finished
Products
z
z
z
z
z
z
z
z
25
Shipping Finished
Products
26
Shipping Finished
Products
27
28
29
30
31
32
Maintaining
Inventory Master
File
Maintaining
Inventory Master
File
Maintaining
Inventory Master
File
Maintaining
Inventory Master
File
Maintaining
Inventory Master
File
Inventory
Accounting
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
20
33
34
Inventory
Accounting
Inventory
Accounting
35
Inventory
Accounting
36
Inventory
Accounting
37
Inventory
Accounting
38
Inventory
Accounting
39
Inventory
Accounting
40
Inventory
Accounting
41
Inventory
Accounting
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
21
Hiring
Personnel
Hiring
Personnel
Terminating
Personnel
Terminating
Personnel
Terminating
Personnel
Recording
Time
Recording
Time
Recording
Time
Calculating
Payroll
10
Calculating
Payroll
11
Disbursing
Payroll
12
Disbursing
Payroll
13
Disbursing
Payroll
14
Maintaining
Payroll
Master
Files
Ability to
Automate
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Description of Automation
CMA solutions monitor changes
to employee master data.
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
22
15
16
17
Maintaining
Payroll
Master
Files
Maintaining
Payroll
Master
Files
Maintaining
Payroll
Master
Files
All valid changes to the payroll master files are input and
processed.
18
Maintaining
Payroll
Master
Files
19
Managing
Payroll
Accounting
20
Managing
Payroll
Accounting
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
23
Business
Activity
Managing and
Processing
Orders
Managing and
Processing
Orders
Managing and
Processing
Orders
Managing and
Processing
Orders
Managing and
Processing
Orders
Managing and
Processing
Orders
Managing and
Processing
Orders
Managing and
Processing
Orders
10
11
Managing and
Processing
Orders
Managing and
Processing
Orders
Shipping
Ability to
Automate
z
z
z
z
Description of Automation
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
24
12
Shipping
13
Shipping
14
Shipping
15
Shipping
16
Shipping
17
Invoicing, Sales
Returns and
Adjustments
18
19
20
21
22
Invoicing, Sales
Returns and
Adjustments
Invoicing, Sales
Returns and
Adjustments
Invoicing, Sales
Returns and
Adjustments
Invoicing, Sales
Returns and
Adjustments
Invoicing, Sales
Returns and
Adjustments
z
z
z
z
z
z
z
z
z
z
z
23
Invoicing, Sales
Returns and
Adjustments
24
Invoicing, Sales
Returns and
Adjustments
z
z
z
z
z
25
26
27
Invoicing, Sales
Returns and
Adjustments
Invoicing, Sales
Returns and
Adjustments
Invoicing, Sales
Returns and
Adjustments
28
Invoicing, Sales
Returns and
Adjustments
29
Invoicing, Sales
Returns and
Adjustments
30
Processing
Cash Receipts
31
Processing
Cash Receipts
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
25
32
Processing
Cash Receipts
33
Processing
Cash Receipts
34
Processing
Cash Receipts
35
Processing
Cash Receipts
36
Processing
Cash Receipts
37
Processing
Cash Receipts
38
39
Managing
Accounts
Receivable
Managing
Accounts
Receivable
40
Managing
Accounts
Receivable
41
Managing
Accounts
Receivable
42
Managing
Accounts
Receivable
43
Managing
Accounts
Receivable
44
Maintaining
Customer
Master File
45
46
47
Maintaining
Customer
Master File
Maintaining
Customer
Master File
Maintaining
Customer
Master File
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
26
Borrowing
Borrowing
Borrowing
Borrowing
Borrowing
Borrowing
Borrowing
Borrowing
Borrowing
10
Managing
Cash and
Investments
11
Managing
Cash and
Investments
12
Managing
Cash and
Investments
13
Managing
Cash and
Investments
14
Managing
Cash and
Investments
Ability to
Automate
Description of
Automation
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
27
15
Managing
Cash and
Investments
16
Managing
Derivative
Transactions
17
Managing
Derivative
Transactions
18
Managing
Derivative
Transactions
19
Managing
Derivative
Transactions
20
Managing
Derivative
Transactions
21
Managing
Derivative
Transactions
22
Managing
Derivative
Transactions
23
Managing
Derivative
Transactions
24
Managing
Derivative
Transactions
25
Managing
Derivative
Transactions
26
Managing
Derivative
Transactions
27
Cash
Accounting
28
Cash
Accounting
29
Cash
Accounting
30
Cash
Accounting
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
28
31
Cash
Accounting
32
Cash
Accounting
33
Cash
Accounting
34
Cash
Accounting
35
Cash
Accounting
The cash balances in the petty cash funds are reconciled and reviewed
by an independent person monthly
z
z
z
z
z
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
29
Area of Significance
Financial Statement
Element
Policy
Balance Sheet
Assets
Cash & Cash Equivalents
Investments/
Foreign Exchange
Accounts Receivable
Other Assets
Cash receipts
Bank account reconciliations
Banking policy and relationships
Cash disbursements/manual checks
Check signing requirements
Outstanding checks
General cash
Petty cash
Deposits
Investment responsibility
Foreign currency translation
Fair value of financial instruments
Derivatives policy
Investments in associated companies
Functional currency
Hedging guidelines
Investment portfolio composition
General accounts receivable
Credit memos
Allowance for doubtful accounts/credit risk
Credit risk
Credit balances
Customer deposits
Records maintenance
Invoice billings
AFE's
Acquisitions and dispositions
Assets of discontinued operations
Disposals
Asset retirement obligations
Reconciliations
Physical asset security
General property and equipment
Inventory
Inventory accounting
Physical inventory procedures
Multi-client library
Goodwill and intangible assets
Other long-lived assets
Other current assets (pre-paid expenses,
inventory, spares, deferred costs, advances)
Software costs
General other assets
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
30
Liabilities
Accounts Payable
Other Liabilities
Debt
Stockholders' Equity
Accounts payable
Competitive bids
Request for proposal
Purchase requisitions
Purchase orders
Contracts
Purchasing procedures
Vendor selections
Vendor file maintenance
Equipment rentals
General
Accrued expenses (employee benefits, debt
restrictions, vessel operations, interest,
severance, advances)
Deferred revenue
Allowance for bad debts
Bank overdrafts
Income taxes
Accrued employee compensation
Deferred taxes
Warranties
General
Long-term debt (Approval, debt issuance cost,
accounting for current maturities)
Subsidiaries with separate debt
Operating and capital lease obligations
Short-term debt
Capital stock
Stock transactions
Income Statement
Revenues
Expenses
Revenue recognition
Revenue reporting
Cost of sales
Third party reimbursable expenses
Payroll
Operating income (expense)
Capitalization
Depreciation and amortization
Research and development
Selling, general and administrative costs
Travel and entertainment
Impairment of long-lived assets
Steaming and mobilization
Income (loss) from associated companies
Interest expense/income
Minority expense
Results of discontinued operations
Insurance
Other expenses
Fiscal adjustments
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
31
General
Financial Management
Human Resources
Information Technology
Other
Chart of accounts
Consolidation
Segment reporting and disclosures
Reporting packages
Business combinations
Period-end financial reporting
Month-end closing procedures
Reconciliations
Inter-company allocations
Variable interest entities
Commitments and contingencies
Related parties
Disclosures
Process change control
Unusual transactions
Budgeting and forecasts
Release of financial/ confidential information
Journal entry
Employment (hiring, promotion) policies
Employee benefits
Compensation / Payroll
Termination
Performance appraisals
Executive compensation
Incentive compensation
Employee handbook
Attendance, holidays, vacation, sick leave
Relocation payments
Internal transfers
Family & medical leave
Americans with Disabilities Act
Share-based compensation plans
Fair employment practices
Orientation and training
Employment verifications / background check
Equal opportunity
Sexual harassment / other harassment
New employee processing
Hiring of consultants / contractors
Personnel files and records
Information security
Systems change policy
Software licensing
Electronic information (e-mail) systems
Trade shows
Workplace rules, safety and health
Disaster management / business resumption
Corporate credit cards
Use of company vehicles
Magazine subscriptions
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
32
Corporate
Governance
General
Board of Directors
Internal Audit
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
33
ABOUT APPROVA
Approva Corporation is the industry-leading provider of continuous controls monitoring and
audit software. We enable business, finance, IT and audit professionals to automate the ondemand testing, closed-loop remediation and continuous, exception-based monitoring of
controls within and across their business systems. Using our solutions, customers are able to
significantly increase visibility into their controls, streamline the audit process, cost-effectively
sustain their compliance initiatives and reduce exposure to mistakes, fraud and inefficiencies
for business processes such as procurement, sales and delivery, payroll and financial close.
In addition, our automated solutions act as key preventative and detective controls, further
strengthening our customers financial and operational control environments. Global
companies such as Campbell Soup Company, Colgate-Palmolive, the Commonwealth of
Pennsylvania, DirecTV, Discovery Communications, McCormick & Company, P&G, Pratt &
Whitney, Siemens and Wyndham Hotels & Resorts rely on Approva BizRights Platform and
Enterprise Controls Suite to reduce compliance risk, increase operational efficiency and flag
exceptions to their business controls.
For more information:
Website: www.approva.net
Information: info@approva.net
Sales: sales@approva.net
Audit Checklists & Continuous Auditing for Financial Close and Sarbanes-Oxley (SOX) Audit Procedures
34