This page contains many of the methodologies & models that are available on KnowledgeLeader. These methodologies & models are all provided in downloadable versions so they can be repurposed for use in your organization.
Merger and Acquisition Integration Methodology
The focus of this document is the integration phase of a merger or acquisition. The success or failure of this phase will determine whether the merger or acquisition ultimately meets company business goals.
Capability Maturity Model – Legal Spend Management
The capability maturity model (CMM) is a framework that describes an improvement path from an ad hoc, immature process to a mature, disciplined process focused on continuous improvement. This CMM defines the attributes of each element of infrastructure within the capability maturity continuum for legal spend management.
Capability Maturity Model – Procurement
The capability maturity model (CMM) is a framework that describes an improvement path from an ad hoc, immature process to a mature, disciplined process focused on continuous improvement. This CMM defines the attributes of each element of infrastructure within the capability maturity continuum for a procurement process.
Six Elements of Infrastructure for ERM
The Six Elements of Infrastructure is a useful tool for categorizing issues, understanding where problems are occurring within an organization, and drawing conclusions to form the basis for recommendations. This example of the Six Elements focuses on key aspects to build strong enterprise risk management infrastructure.
Project Management Methodology
Using a standard project management methodology is to maximize the success rate of projects delivered to our customers. This project management methodology document focuses on project standards and project management processes and techniques.
Assessing Process Maturity for Internal Control over Financial Reporting Compliance – Capability Maturity Model
The following five capability levels represent states of maturity by which the project team can rate the upstream business processes where the company’s internal controls are embedded. Organizations can use this model to assess the impact of process maturity on internal control over financial reporting for Section 404(b) compliance.
Six Elements of Infrastructure for Public Company Readiness
The six elements of infrastructure is a useful tool for categorizing issues, understanding where problems are occurring within the organization, and drawing conclusions to form the basis for recommendations. Consider these elements when designing a new process or assessing an existing process. This example focuses on aspects of an initial public offering (IPO).
Enhanced Telecom Operations Model (eTOM) Process Classification Scheme
This conceptual view of an example Enhanced Telecom Operation Model (eTOM) process classification scheme (PCS) addresses the major business process areas of strategy, infrastructure & product, operations and enterprise management, and just as importantly, the supporting functional process areas. Read this document to learn more about the fundamental knowledge of telecommunication customer needs and all functionalities necessary for the acquisition, enhancement and retention of a relationship with a customer.
Stock Compensation Processes and Controls – Six Elements of Infrastructure
The Six Elements of Infrastructure is a useful tool for categorizing issues, understanding where problems are occurring within the organization, and drawing conclusions to form the basis for recommendations. These elements should be considered when designing a new process or assessing an existing process. This example of the Six Elements focuses on key aspects to build strong internal controls around the stock compensation process.
Process Classification Scheme (PCS)
The Process Classification Scheme (PCS) is a framework that helps organize information about a company, according to relevant business and/or industry processes, and defines the individual functions of a business that should take place at the strategic, operational and tactical levels. Depicting each function as a defined process or sub-process helps promote a common language and provides a “roadmap” to help identify processes and related risks and potential controls that may be applicable to the organization. Note: The PCS is not an all-inclusive list of existing business processes. Companies should customize the PCS (processes and associated sub-processes) to fit the facts, circumstances and culture of the organization.
Six Elements of Infrastructure
The Six Elements of Infrastructure is a useful tool for categorizing issues, understanding where problems are occurring within the organization, and drawing conclusions to form the basis for recommendations. These elements should be considered when designing a new process or assessing an existing process. You can use the Six Elements in conjunction with the Capability Maturity Model (CMM) to determine the needed improvements in process capability.
Capability Maturity Model (CMM)
The Capability Maturity Model (CMM) is a framework that describes an improvement path from an ad-hoc, immature process to a mature, disciplined process focused on continuous improvement. The CMM defines the state of a process using a common language which is based on the Carnegie Mellon Software Engineering Institute Capability Maturity Model. The CMM consists of a continuum of five process maturity levels, enabling process owners to rate the state, or maturity, of a given process as Initial, Repeatable, Defined, Managed or Optimizing.
Protiviti's Sarbanes-Oxley Section 404 Compliance Initiatives Methodology
Protiviti has developed a phased approach to the execution of Sarbanes-Oxley Section 404 compliance. The approach is facilitated by project management, knowledge sharing, communication and continuous improvement. It applies the COSO Internal Control – Integrated Framework by taking both an entity-level and a process-level view of the business. This document provides a high level overview of Protiviti’s approach.
Protiviti Risk ModelSM
The Protiviti Risk Model is a comprehensive organizing framework for defining and understanding potential business risks. The model categorizes business risk into three main areas: Environment Risk, Process Risk, and Information for Decision-Making Risk.
Business Continuity Management Methodology
Business continuity management (BCM) is best addressed by using a proven methodology. The methodology should be based upon the risks related to an organization’s key business processes which, if they were to be interrupted, might otherwise bring about a seriously damaging or potentially fatal loss to the enterprise. This seven-phased BCM methodology adheres to industry best practices and can be tailored to companies of all sizes.
Fraud/Integrity Risk Methodology
This methodology is a flexible framework upon which internal audit teams can build. It outlines an approach for addressing integrity risk within an organization, focusing exclusively on the Integrity Risk section of the Process Risk category of the Protiviti Risk Model. The methodology addresses key questions in this risk assessment process such as current management of and measurement of integrity risk.
Business Self-Assessment Methodology
Business Self-Assessment is Protiviti's dynamic self-assessment approach that leverages organizational knowledge to improve business performance at the entity or process level. Utilizing risk as its foundation, BSA uniquely integrates the assessment of strategic objectives, risks, controls and process-improvement opportunities.
Control Objectives for Information and Related Technology (COBIT) is a management tool for IT. It has been developed by ISACA as an accepted standard for good IT security and control practices. It is intended for use by management, IT auditors, and control and security practitioners. COBIT defines what needs to be done to implement an effective control structure.
Entity Level Internal Audit Methodology
The entity level business process audit methodology focuses on understanding and analyzing the business. This understanding is primarily used to identify the target processes and risks during the audit planning process. Tools are provided to help with each phase is the process.
Process Level Internal Audit Methodology
Once a process has been identified for an audit or review, this methodology provides guidance and tools for the phases to be performed during the review process. Process level reviews should focus on business risks and on improving process performance. This tool addresses The IIA Standards, information technology, and fraud.
Framework for Facilitated Self Assessment Meetings
This tool provides a detailed framework for internal auditors and others who are planning to conduct a facilitated self-assessment session. This framework is intended to introduce and describe a common facilitation framework to help deliver the highest-quality results. Each phase described includes a checklist of key issues to address throughout the self-assessment process.
Enterprise Business Risk Management Process - Overview Framework
Enterprise business risk management is illustrated broadly in this framework. It is a continuous process of establishing risk management objectives, assessing risks within the context of established tolerances, developing strategies and implementing risk management processes, and monitoring and reporting upon those processes.
Information Security Framework
The Protiviti Risk Model helps to source and size these risks, and creates a common language for the organization to discuss and determine different acceptable risk levels. Only after vital business risks have been identified can security solutions be evaluated and implemented.
Internal Audit Quality Assurance Review Methodology
This methodology outlines a process for performing a quality assurance review of the internal audit function. It allows the QAR team to gain insight into performance gaps and operations of the internal auditing department. Also included are links to tools, surveys and other resources to help accomplish a quality assurance process.