Practice Guides
Practice Guides provide detailed guidance for conducting internal audit activities. They include detailed processes and procedures, such as tools and techniques, programs, and step-by-step approaches, as well as examples of deliverables.

Practice Guides are restricted to IIA members only. Learn more about becoming a member.

Practice Guides
PG Category Title Release Date
PG Formulating and Expressing Internal Audit Opinions April 2009
PG Auditing External Business Relationships May 2009
PG Internal Auditing and Fraud Dec. 2009
GTAG (Global Technology Audit Guide)
The Global Technology Audit Guides are written in straightforward business language to address a timely issue related to information technology (IT) management, control, and security.
PG GTAG-1 Information Technology Controls Jan. 2009
PG GTAG-2 Change and Patch Management Controls:
Critical for Organizational Success		 Jan. 2009
PG GTAG-3 Continuous Auditing: Implications for Assurance,
Monitoring, and Risk Assessment		 Jan. 2009
PG GTAG-4 Management of IT Auditing Jan. 2009
PG GTAG-5 Managing and Auditing Privacy Risks Jan. 2009
PG GTAG-6 Managing and Auditing IT Vulnerabilities Jan. 2009
PG GTAG-7 Information Technology Outsourcing Jan. 2009
PG GTAG-8 Auditing Application Controls Jan. 2009
PG GTAG-9 Identity and Access Management Jan. 2009
PG GTAG-10 Business Continuity Management Jan. 2009
PG GTAG-11 Developing the IT Audit Plan Jan. 2009
PG GTAG-12 Auditing IT Projects Mar. 2009
PG GTAG-13 Fraud Prevention and Detection in an Automated World Dec. 2009
GAIT (Guide to the Assessment of IT Risk)
The GAIT series describes the relationships among business risk, key controls within business processes, automated controls and other critical IT functionality, and key controls within IT general controls. Each practice guide in the series addresses a specific aspect of IT risk and control assessments.
PG GAIT The GAIT Methodology Jan. 2009
PG GAIT GAIT for IT General Control Deficiency Assessment Jan. 2009
PG GAIT GAIT for Business and IT Risk Jan. 2009

 

 
© 2010 The Institute of Internal Auditors / 247 Maitland Avenue Altamonte Springs, FL. 32701-4201 USA / +1-407-937-1100 / FAX +1-407-937-1101 • www.theiia.org