Information Technology - The Institute of Internal Auditors

Information Technology
The Institute of Internal Auditors is dedicated to promoting and advocating the practice of internal audit, especially IT auditing.

Call for papers
The Research Foundation calls for papers for its 3rd IT Audit Research Symposium in July 2008. (PDF, 460KB)

Global Technology Audit Guide (GTAG^®) Series
Read and download the entire Global Technology Audit Guides (GTAG).

GAIT series
Learn more about the The Guide to the Assessment of IT Risk (GAIT) series. Each practice guide addresses a specific aspect of IT risk and control assessments

GTAG9 cover GTAG 9: Identity and Access Management
Identity and access management (IAM) is a cross-functional process that helps organizations to manage who has access to what information over a period of time. This process is used to initiate, capture, record, and manage the user identities and related access permissions to the organization's proprietary information. Chief audit executives (CAEs) should be involved in the development of the organization's IAM strategy as well as evaluate the implementation of the strategy and effectiveness of companywide access controls. The purpose of this GTAG is to provide insight into what IAM means to an organization and to suggest internal audit areas for investigation. It can assist CAEs and other internal auditors to understand, analyze, and monitor their organization's IAM processes. Download GTAG 9

GTAG 8 GTAG 8: Auditing Application Controls
Application controls are those controls that pertain to the scope of individual business processes or application systems. Effective application controls will help your organization to ensure the integrity, accuracy, confidentiality and completeness of your data and systems. This guide provides information on application control, its relationship with general controls, scope a risk-based application control review, the steps to conduct an application controls review, a list of key application controls, and a sample audit plan. Download GTAG 8 .

IT Audit Topics Research Symposium July 2007 (PDF, 12KB)

Quick Search Advanced Search Site Map IIA Popular Pages CIA Exam Content CFSA Individual Memberships Code of Ethics Information Technology		Home / Professional Guidance / Information Technology Information Technology The Institute of Internal Auditors is dedicated to promoting and advocating the practice of internal audit, especially IT auditing. Call for papers The Research Foundation calls for papers for its 3rd IT Audit Research Symposium in July 2008. (PDF, 460KB) Global Technology Audit Guide (GTAG^®) Series Read and download the entire Global Technology Audit Guides (GTAG). GAIT series Learn more about the The Guide to the Assessment of IT Risk (GAIT) series. Each practice guide addresses a specific aspect of IT risk and control assessments GTAG 9: Identity and Access Management Identity and access management (IAM) is a cross-functional process that helps organizations to manage who has access to what information over a period of time. This process is used to initiate, capture, record, and manage the user identities and related access permissions to the organization's proprietary information. Chief audit executives (CAEs) should be involved in the development of the organization's IAM strategy as well as evaluate the implementation of the strategy and effectiveness of companywide access controls. The purpose of this GTAG is to provide insight into what IAM means to an organization and to suggest internal audit areas for investigation. It can assist CAEs and other internal auditors to understand, analyze, and monitor their organization's IAM processes. Download GTAG 9 GTAG 8: Auditing Application Controls Application controls are those controls that pertain to the scope of individual business processes or application systems. Effective application controls will help your organization to ensure the integrity, accuracy, confidentiality and completeness of your data and systems. This guide provides information on application control, its relationship with general controls, scope a risk-based application control review, the steps to conduct an application controls review, a list of key application controls, and a sample audit plan. Download GTAG 8 . IT Audit Topics Research Symposium July 2007 (PDF, 12KB)		IT Resources Review some of the latest IT Resources available for IT auditing. GTAG Series Read and download the entire Global Technology Audit Guides^® (GTAG^®). GAIT Project Learn more about the ongoing IT auditing guidance project known as the Guide to the Assessment of ITGeneral Controls Scope Based on Risk (GAIT).