Global Technology Audit Guide (GTAG®)
Prepared by The Institute of Internal Auditors (The IIA), each Global Technology Audit Guide(GTAG) is written in straightforward business language to address a timely issue related to information technology (IT) management, control, and security. The GTAG series serves as a ready resource for chief audit executives on different technology-associated risks and recommended practices.
Click on the links below to download the free guides, or to purchase a printed version from The IIA Research Foundation Bookstore.
- Download GTAG 11: Developing the IT Audit Plan, or purchase printed version.
- Download GTAG 10: Business Continuity Management, or purchase printed version.
- Download GTAG 9: Identity and Access Management, or purchase printed version.
- Download GTAG 8: Auditing Application Controls, or purchase printed version.
- Download GTAG 7: Information Technology Outsourcing, or purchase printed version.
- Download GTAG 6: Managing and Auditing IT Vulnerabilities, or purchase printed version.
- Download GTAG 5: Managing and Auditing Privacy Risks, or purchase printed version.
- Download GTAG 4: Management of IT Auditing, or purchase printed version.
- Download GTAG 3: Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment, or purchase printed version.
- Download GTAG 2: Change and Patch Management Controls: Critical for Organizational Success, or purchase printed version.
- Download GTAG 1: Information Technology Controls, or purchase printed version.
GTAG Overall Slides (PPT, 475KB)
GTAG presentation slides highlight what is GTAG, who is GTAG target audience, who are involved the GTAG development, guides published, future topics and etc.
Download form for permission to translate to another language (Word, 95KB)
Project Plan
The following topics have been identified by The IIA Advanced Technology Committee as future GTAG Guides:
Project Partners
The IIA has partnered with other professional associations to ensure the contents of the guide will be appropriate for their audiences. For example, the National Association of Corporate Directors and the International Federation of Accountants have ensured that the guide appropriately addresses governance perspectives and uses board-level language. Similarly, involvement by the Center for Internet Security will ensure the guides are technically accurate and address the major points applicable to managing the technical elements of the business environment.
GTAG partners may include the American Institute of Certified Public Accountants (AICPA), Center for Internet Security (CIS), Carnegie Mellon University Software Engineering Institute (CMU SEI), IT Process Institute (ITPI), National Association of Corporate Directors (NACD), and the SANS Institute.
Project Team Members
IIA leaders are invited to participate in the GTAG project. Volunteers will become part of the consensus process in documenting the best expert thinking and experience in current IT and related topics. The IIA will help extend recognition of issues to the executive and governance levels as well as business and technical management responsible for technical issues at the enterprise level. The IIA is well-regarded as an objective party in the scope of activities addressing the causes, problems, and solutions in managing information security and addressing the cyber events plaguing information systems, networks, and critical infrastructures.
Providers of technology products and services are invited to collaborate with The IIA and GTAG partners to help ensure technical accuracy and gain insights to audit and executive perspectives. Sponsors and partners gain or enhance a reputation for addressing information security, governance, and assurance on a global scale.
For more information, contact:
Michael Scotchie
Manager, Technology Practices
The Institute of Internal Auditors
247 Maitland Avenue
Altamonte Springs, FL 32701-4201, USA
E-mail: mike.scotchie@theiia.org
