IT Audit - The Institute Of Internal Auditors  


Reference Library

The Reference Library provides useful online resources to the auditor looking for specific IT-related information.

Information about computer viruses and virus detection products and services.
Vendors providing software developed specifically for use by auditors.
Resources on electronic business and commerce, including business and technology issues, and technical references.
Technology information and resources published in government Web sites, including guidelines, checklists, audit programs, case studies, and research results.
Resources on information management issues, including management and technologies.
Information on operating systems for mainframes, mini, and microcomputers; networking systems; database management systems; and other systems tools.
Mail list servers that can provide valuable information to IT auditors.
Professional associations and IT organizations that are of interest to auditors.
Legal and regulatory issues concerning IT, auditing, e-commerce, and other uses of technology.
Tools used by IT auditors for assessing IT and related risks and for contingency planning.
Information security and assurance hardware, software, and services.
Information on systems developers and systems development methodologies.
Resources on audit techniques and approaches, audit/auditor descriptions, and future directions in auditing and controls.
Information on business continuity planning issues, including risk analysis, impact assessment, emergency response, disaster recovery, contingency planning, and crisis management.
Resources describing preventive, detective, and corrective measures against fraud.
Vendors offering desktop and notebook computers, servers, and networking products.
Checklists for general and IT audits, covering operating systems, firewalls, networks, and Web security.
Legal issues concerning IT, auditing, e-commerce, and other uses of technology of interest to internal and IT auditors.
Information and organizations related to privacy issues, as well as products and services for safeguarding privacy.
Online and print publications of interest to IT auditors.
Risk management resources, publications, and white papers.
Information security resources such as computer crime investigators, computer emergency response teams, publications, research and standards organizations, and white papers.
References and descriptions of IT- and audit-related standards and standards-setting organizations.