White Papers - General Image Header

White Papers



Protiviti regularly publishes whitepapers covering a wide range of topics, such as corporate governance, internal audit best practices, emerging technologies, IT security and industry-specific risks. 

Risk Solutions

Risks can challenge the success of a business from both inside and outside of the organization. Many of these risks are industry-specific, such as the regulatory concerns within financial services and healthcare. Others are common to all industries, such as supply chain capacity, failed business continuity, financial reporting reliability, lax network security, human resources availability and customer relationship integrity.

Latest Whitepaper: Designing SAP Application Security - Leveraging SAP Access Monitoring Solutions During SAP Implementations, Upgrades or Security Redesign Projects

The organizations that best understand and manage their industry-specific risks are better able to gain a competitive advantage.

Latest Whitepaper:
Getting to Strong – What Banking Organizations Need to Know

View by:  Risk Solutions  |  Industry
Financial Close Optimization: Five Steps for Identifying and Resolving Systems and Process Inefficiencies
A recent survey by the Institute of Management Accountants found that financial closing is one of the key challenges accounting and finance organizati...
Establishing and Nurturing an Effective Risk Culture
Building on prior installments of our CRO Series covering the importance of effective board risk oversight and CRO positioning within the organization...
Communication, Training, Engagement - The Keys to Sustainable User Adoption of SharePoint
This white paper explains how organizations can engage users by clarifying and personalizing the benefits that can be achieved. It also examines how e...
A Strong Compliance Culture Starts With Managing Third-Party Corruption
Many businesses today, particularly those that operate internationally, are heavily reliant on intermediaries – independent third parties that act on ...
Cloud Security – Keeping Data Safe in the “Boundaryless” World of Cloud Computing
As cloud service providers mature, and expand and refine their offerings, it is increasingly difficult for many organizations not to at least consider...
Unlocking the Value of Continuous Monitoring and Control Automation Capabilities in SAP Process Control
​Automation of controls is a key approach to improving efficiencies around business processes, enhancing visibility of business risks and increasing o...
Designing SAP Application Security – Leveraging SAP Access Monitoring Solutions During SAP Implementations, Upgrades or Security Redesign Projects
This white paper provides six steps organizations should take when implementing SAP application security using a top-down approach.
Improving Organizational Performance and Governance: How the COSO Frameworks Can Help
Co-authored by Protiviti Managing Director James DeLoach and IMA President and CEO Jeffrey C. Thomson, this paper relates the COSO frameworks to an ov...
New ORSA Requirement Set to Raise Expectations of Risk Management
Beginning in 2015, U.S. insurers operating within the member jurisdictions of the National Association of Insurance Commissioners (NAIC) will be manda...
Considering Going Public - Assessing Key Market Trends and Risks Based on Protiviti Research
Throughout the year, Protiviti conducts research and publishes insightful thought leadership on a broad range of issues affecting publicly held compan...
The Critical Role of the Board of Directors in Acquisitions
Many are predicting the M&A market is poised to accelerate following protracted uncertainty in global markets. Both strategic and financial buyers are...
Mitigating the Unique Risks of Accelerated ERP Implementations
The benefits of a rapid ERP implementation are enticing. Rather than spending months defining business processes and considering myriad features and o...
How to Select an ERP System
The correlation between investment and reward is perhaps nowhere more tenuous than when implementing a new ERP system. Seasoned companies, and even te...
SAP Access Management Governance: Getting It Right, Making It Sustainable
This white paper outlines a strategy to improve SAP access management efficiently and establish a structure for governance that standardizes the manag...
Viewing Your Anti-Corruption Efforts Through the Lens of the Hallmarks of an Effective Compliance Program
This white paper summarizes program hallmarks discussed in A Resource Guide to the U.S. Foreign Corrupt Practices Act and includes excerpts from each ...
Managing the SAP Access Control 10.0 Upgrade: Lessons Learned
This product suite helps security and compliance teams improve their ability to manage risks and controls pervasively and within a single platform.
Growing With Governance, Risk and Compliance (GRC) Solutions
GRC solutions help organizations to manage, consolidate and automate processes that ideally provide one-stop shopping for business partners.
Avoiding Buyers Remorse with AML Monitoring Software
This white paper examines the consequences of implementing inadequate AML transaction monitoring programs.
Jump-Starting the Command Center - Communication for High-Risk Information Technology Events
This white paper focuses on the importance of such a command center, which should have a well-trained team devoted to documenting, prioritizing, escal...
Readiness Assessment in the Wake of the JOBS Act
Discusses public company transformation readiness assessment after the JOBS Act.
Selecting an ERP System
Hot Topics in Public Company Transformation: Selecting an ERP System
ERP Implementation Risk: Identifying, Monitoring and Remediating Issues Throughout the Project to Ensure Success
This white paper discusses some common risks that arise during the ERP implementation process and recommendations for managing them.
Defining Risk Appetite
Early Mover Series: Integrating Corporate Performance Management and Risk Management
Internal Audit's Role in Cloud Computing
Discusses the numerous risk factors that must be managed to ensure the availability of a cloud computing solution.
Performance/Risk Integration Management Model – PRIM2 Early Mover Series: Maximizing the Value of Competitive Intelligence
Examines how companies can become effective early movers by first understanding market opportunities and risks – both for themselves and their competi...
Is Your Company Vulnerable to a Rogue Trader?
Offers guidance on identifying and hindering rogue trading activities while stressing the importance of strong trading controls and oversight.
SAP BusinessObjects GRC Access Control 10.0 – New Feature Highlights and Initial Lessons Learned
Describes what new features are available in the updated offering from SAP and gives insights regarding the advantages to this enhanced solution.
Performance/Risk Integration Management Model – PRIM2 Early Mover Series: Analyzing Strategic Risk
Considers the many advantages companies can gain by becoming an early mover in integrating strategy, performance and risk management.
Old National Bank: A Leader in Performance Management
Profiles Old National Bank's successful effort to design and implement enterprise management reporting capabilities throughout its organization.
PCI DSS 2.0: Key Changes for 2011
Discusses how Payment Card Industry Data Security Standard (PCI DSS) 2.0 has changed from PCI DSS 1.2.
Proactive Risk Management with SAP BusinessObjects: Leveraging Technology to Gain Enterprise Transparency and Rapid Insight into Changing Business Conditions
Offers guidance on how organizations can begin the process of implementing a risk management culture.
Process Control Optimization with SAP
Explains why organizations need to have optimal control over their procure-to-pay business cycle and provides examples of what this may involve.
Staying Out of the Headlines: Strategies to Combat Corruption Risk
Identifies frequently recurring areas of FCPA risk for companies and stresses the importance of establishing an effective compliance program to guard ...
Improving Working Capital Management and Cash Flow Intelligence
Report from APQC and Protiviti showcases how premier organizations have developed effective strategies and processes for reducing working capital requ...
Testing the Reporting Process – Validating Critical Information
Provides a common working definition for report testing, explains why it is important, and offers useful guidance on how management can scope and exec...
The Name of the Game Is Risk: Secrets of the Winning Hand
Uses the game of poker as an analogy to define the secrets of the “winning hand” for chief risk officers.\r\n
2011 Internal Audit Plan Considerations
Presents 10 key areas that should assist organizations in their risk assessments and internal audit planning.
Using High Value IT Audits to Add Value and Evaluate Key Risks and Controls
Discusses the importance of effectively chosen, planned and delivered high value IT audits.
Internal Auditing is an Asset for Small Companies as well as Large Ones
A review of how even smaller organizations and entrepreneurs can benefit from internal auditing.
Reaching New Levels of Supply Chain Effectiveness and Sustainability
This paper presents practical guidance and examines how strategic sourcing capabilities are evolving among leading practitioners.
Elster Group Demonstrating the Power of One
An IT Transformation that Runs on 'Full Visibility'
Assessing New Rules Regarding the Personal Obligation of Senior Accounting Officers of Large Companies
Answers FAQs regarding Schedule 46, new UK legislation that makes SAOs of large companies liable to taxes and duties in the United Kingdom responsible...
Changes to The IIA Standards
This paper reviews key changes The IIA introduced to its International Standards for the Professional Practice of Internal Auditing in 2009, along wit...
Key Questions Regarding Integrated GRC
Learn about the value of integrated GRC, typical barriers companies face when implementing such a program and steps to achieving value, among other co...
Change Management in a Dynamic Environment: Connecting with Employees to Increase the Odds of Success
This whitepaper outlines the importance of understanding employee behavior as a key component of successful change management.
Auditor Attestation of Internal Control Over Financial Reporting: A Smaller Public Company Perspective
This paper explores considerations for smaller public companies as they prepare for their first auditor attestation of internal control over financial...
Top Priorities for Internal Audit
This paper provides 10 strategic priorities for every public and private company.
Partnering with the Rest of the Board
This paper reviews these issues, as well as key strengths and weaknesses of some of the most common authentication technologies used today.
High Value Audits: An Update on Information Technology Auditing
This whitepaper provides a current outlook on high value IT audits, including a snapshot of the present technology landscape and its impact on interna...
Capitalizing on Sarbanes-Oxley Compliance to Build Supply Chain Advantage
This booklet details how the Sarbanes-Oxley Act has a complementary impact on supply chain risks in infrastructure design, transaction integrity and r...
Reduce Supply Chain Risks and Improve Your Bottom Line Through High-Impact Supply Chain and Procurement Capability Assessments
This paper from Protiviti and APICS describes an effective methodology for performing high-impact internal audit assessments for a key supply chain ma...
The paper is intended to provide insight to business leaders on the leadership qualities, business processes and documenting technologies that help or...
Controls Intelligence: An Examination of How Robust Controls Analytics Can Improve Business Processes and Streamline Compliance
This paper examines how robust controls analytics can improve business processes and streamline compliance.
Making Sarbanes-Oxley Compliance More Cost-Effective While Improving Quality and Sustainability
This whitepaper discusses how every organization can transition from the narrow focus on pass/fail compliance to a cost-effective, sustainable and val...
The E-Discovery Challenge Moves to the C-Suite: New Legislation Is Upping the Ante Even Further, Making It Crucial to Manage E-Discovery at the Enterprise Level
This whitepaper discusses the nature of e-discovery risk, why it is now weighing on the minds of C-level executives, and best practices for implementi...
Technology Investment: Achieving Balance Between Business Requirements and Regulatory Compliance
This whitepaper discusses how CIOs can achieve this balancing act thanks to governance, risk and compliance (GRC).
How the New SEC Guidance Impacts Eight Key Decisions Driving a Cost-Effective Section 404 Assessment Process
This whitepaper explores eight key decisions along the Section 404 compliance process.
Managing Supply Disruptions
This whitepaper outlines the process of supply risk management to combat these disruptions.
Data Leakage: Affordable Data Leakage Risk Management
This whitepaper provides guidance on effective strategies and other considerations for protecting an organization’s data.
Constructive Engagement Through Effective Board Risk Oversight
Takes an in-depth look at how effective board risk oversight can contribute to the success of CROs.
Information Technology Configuration Management: Enabling IT Services and Assets
This whitepaper offers insights into the ways configuration and asset management can transform IT operations into a foundation for stability and innov...
SAP Security Remediation: Three Steps for Success Using SAP GRC
Protiviti whitepaper: Using SAP's GRC Access Control suite to help remediate and manage complex security environments.
Performance/Risk Integration Management Model - PRIM2: The Convergence of Corporate Performance Management and Risk Management
Protiviti unveils its enterprisewide program that establishes and maintains alignment of strategy, risk management capabilities and performance manage...
Texas Higher Education Coordinating Board Facilities Audit Protocol Q&A
Protiviti unveils its enterprisewide program that establishes and maintains alignment of strategy, risk management capabilities and performance manage...