Outside Resources - The Institute of Internal Auditors

Outside Resources
Below is a list of IT Resources and other resources outside of The IIA.

Balanced Scorecard Reporting
Change Leaders, Inc. specializes in Board Development, CEO Coaching, and Executive Team Development. We make successful senior executives and their teams better. Partnering with the sponsoring executive, we leverage the 'soft' factors (e.g. group dynamics, CEO on-boarding, board dynamics) that improve the 'hard' business metrics (e.g. growth, value, performance). With 20+ years experience and deep insights into the CEO's world we are known as international solution generators. Productive and enjoyable experts you can count on.
CICA The Canadian Institute of Chartered Accountants (CICA) has a variety of publications available for download (free) on its Web site.
The following documents have been completed (and may be of interest to individual organizations):
- "20 Questions Directors Should Ask About Management's Discussion and Analysis" by Alan Willis, CA
- "20 Questions Directors Should Ask About Executive Compensation" by Elizabeth Greville, LL.B. & David Crawford, CFA
- "20 Questions Directors Should Ask About Risk" by Hugh Lindsay, FCA, CIP
- "20 Questions Directors Should Ask About Strategy" by Dr. Chris Bart, CA
- "20 Questions Directors Should Ask About Their Role in Pension Governance" by Gordon Hall, FSA, FCIA, MAAA
- "20 Questions Directors Should Ask About IT and Crisis Management for Directors" by Hugh Lindsay, FCA, CIP.
Electronic records management resources
- On the Road to Records Management
- Records Management Basics -- National Archives and Records Administration (NARA)
- E-GOV Initiatives (E-Records Management section)
- Archives Resources center [ARC] - State and Local Governments resources
- Cohasset Associates, Inc. (RM/ER Training)
GASSP The IIA is also involved with the international Generally Accepted Systems Security Principles Committee of the International Information Security Foundation (GASSP / I2SF). The GASSPC and I2SF are providing guidance for the global IT security and auditing community.
General Accounting Office
- Special Publications: Computer and Information Technology - complete listing
- Special Publications and Software - complete listing
- IM/IT Management Guidance
  1. Executive Guide:Improving Mission Performance Through Strategic Information Management and Technology.
  2. Executive Guide: Measuring Performance and Demonstrating Results of Information Technology Investments.
  3. Executive Guide: Maximizing the Success of Chief Information Officers: Learning from Leading Organizations.
  4. Information Technology Investment Management: A Framework for Assessing and Improving Process Maturity.
  5. Executive Guide: Information Security Management: Learning From Leading Organizations.
  6. Information Security Risk Assessment: Practices of Leading Organizations.
- Other Management Guidance
  1. Executive Guide: Creating Value Through World-Class Financial Management.
  2. Executive Guide: Effectively Implementing the Government Performance and Results Act.
  3. Human Capital: A Self Assessment Checklist for Agency Leaders.
PCIS An IIA representative serves on the board of directors of the Partnership for Critical Infrastructure Security (PCIS). The PCIS is working to coordinate public and private sector efforts in establishing and improving the protection of critical infrastructure industries such as technology, communications, electrical power, oil and gas, transportation, banking and finance, water, government, and emergency services.
The Center for Internet Security's (CIS) mission is to help organizations around the world effectively manage the risks related to information security. CIS provides methods and tools to improve, measure, monitor, and compare the security status of your Internet-connected systems and appliances, plus those of your business partners. CIS is not tied to any proprietary product or service. It manages a consensus process whereby members identify security threats of greatest concern, then participate in development of practical methods to reduce the threats. This consensus process is already in use and has proved viable in creating Internet security benchmarks available for widespread adoption.
Various Information Management Publications by the Canadian Federal Government
Information Technology Resource Board (ITRB) has always issued some great guidance. The ITRB is a group of senior IT, acquisition, and program managers with significant experience developing, acquiring, and managing information systems in the federal government. Members are drawn from a cross-section of agencies and are selected for their specific skills and knowledge. The ITRB provides, at no cost to agencies, peer reviews of major federal IT systems. Through these peer reviews, the ITRB identifies practical solutions to actual or potential problems.
The Visible Ops
Handbook
The FFIEC IT Examination Handbook has some excellent "online" guidance.
IT Service Management and IT Governance: Review, Comparative Analysis and their Impact on Utility Computing
The Report's Abstract: Over the years, IT has become the backbone of businesses to the point where it would be impossible for many to function (let alone succeed) without it. As a result of its increasing role in the enterprise, the IT function is changing, morphing from a technology provider into a strategic partner. Concurrent to these changes, the IT infrastructure is moving towards a centralized, highly adaptive utility model. In this paper, we review the different open and industrial frameworks that support IT organizations in this transition and explore their impact on the next generation of IT infrastructure.
The Information Technology Service Management Forum (itSMF) is a global organization responsible for advancing IT best practices through the utilization of the IT Infrastructure Library (ITIL®).

Quick Search Advanced Search Site Map IIA Popular Pages CIA Exam Content CFSA Individual Memberships Code of Ethics Information Technology		Home / Professional Guidance / Information Technology / IT Resources / Outside Resources Outside Resources Below is a list of IT Resources and other resources outside of The IIA. Balanced Scorecard Reporting Change Leaders, Inc. specializes in Board Development, CEO Coaching, and Executive Team Development. We make successful senior executives and their teams better. Partnering with the sponsoring executive, we leverage the 'soft' factors (e.g. group dynamics, CEO on-boarding, board dynamics) that improve the 'hard' business metrics (e.g. growth, value, performance). With 20+ years experience and deep insights into the CEO's world we are known as international solution generators. Productive and enjoyable experts you can count on. CICA The Canadian Institute of Chartered Accountants (CICA) has a variety of publications available for download (free) on its Web site. The following documents have been completed (and may be of interest to individual organizations): "20 Questions Directors Should Ask About Management's Discussion and Analysis" by Alan Willis, CA "20 Questions Directors Should Ask About Executive Compensation" by Elizabeth Greville, LL.B. & David Crawford, CFA "20 Questions Directors Should Ask About Risk" by Hugh Lindsay, FCA, CIP "20 Questions Directors Should Ask About Strategy" by Dr. Chris Bart, CA "20 Questions Directors Should Ask About Their Role in Pension Governance" by Gordon Hall, FSA, FCIA, MAAA "20 Questions Directors Should Ask About IT and Crisis Management for Directors" by Hugh Lindsay, FCA, CIP. Electronic records management resources On the Road to Records Management Records Management Basics -- National Archives and Records Administration (NARA) E-GOV Initiatives (E-Records Management section) Archives Resources center [ARC] - State and Local Governments resources Cohasset Associates, Inc. (RM/ER Training) GASSP The IIA is also involved with the international Generally Accepted Systems Security Principles Committee of the International Information Security Foundation (GASSP / I2SF). The GASSPC and I2SF are providing guidance for the global IT security and auditing community. General Accounting Office Special Publications: Computer and Information Technology - complete listing Special Publications and Software - complete listing IM/IT Management Guidance 1. Executive Guide:Improving Mission Performance Through Strategic Information Management and Technology. 2. Executive Guide: Measuring Performance and Demonstrating Results of Information Technology Investments. 3. Executive Guide: Maximizing the Success of Chief Information Officers: Learning from Leading Organizations. 4. Information Technology Investment Management: A Framework for Assessing and Improving Process Maturity. 5. Executive Guide: Information Security Management: Learning From Leading Organizations. 6. Information Security Risk Assessment: Practices of Leading Organizations. Other Management Guidance 1. Executive Guide: Creating Value Through World-Class Financial Management. 2. Executive Guide: Effectively Implementing the Government Performance and Results Act. 3. Human Capital: A Self Assessment Checklist for Agency Leaders. PCIS An IIA representative serves on the board of directors of the Partnership for Critical Infrastructure Security (PCIS). The PCIS is working to coordinate public and private sector efforts in establishing and improving the protection of critical infrastructure industries such as technology, communications, electrical power, oil and gas, transportation, banking and finance, water, government, and emergency services. The Center for Internet Security's (CIS) mission is to help organizations around the world effectively manage the risks related to information security. CIS provides methods and tools to improve, measure, monitor, and compare the security status of your Internet-connected systems and appliances, plus those of your business partners. CIS is not tied to any proprietary product or service. It manages a consensus process whereby members identify security threats of greatest concern, then participate in development of practical methods to reduce the threats. This consensus process is already in use and has proved viable in creating Internet security benchmarks available for widespread adoption. Various Information Management Publications by the Canadian Federal Government Information Technology Resource Board (ITRB) has always issued some great guidance. The ITRB is a group of senior IT, acquisition, and program managers with significant experience developing, acquiring, and managing information systems in the federal government. Members are drawn from a cross-section of agencies and are selected for their specific skills and knowledge. The ITRB provides, at no cost to agencies, peer reviews of major federal IT systems. Through these peer reviews, the ITRB identifies practical solutions to actual or potential problems. The Visible Ops Handbook The FFIEC IT Examination Handbook has some excellent "online" guidance. IT Service Management and IT Governance: Review, Comparative Analysis and their Impact on Utility Computing The Report's Abstract: Over the years, IT has become the backbone of businesses to the point where it would be impossible for many to function (let alone succeed) without it. As a result of its increasing role in the enterprise, the IT function is changing, morphing from a technology provider into a strategic partner. Concurrent to these changes, the IT infrastructure is moving towards a centralized, highly adaptive utility model. In this paper, we review the different open and industrial frameworks that support IT organizations in this transition and explore their impact on the next generation of IT infrastructure. The Information Technology Service Management Forum (itSMF) is a global organization responsible for advancing IT best practices through the utilization of the IT Infrastructure Library (ITIL®).