control, and governance
The Reference Library provides useful online resources to the auditor looking for specific IT-related information.
Information about computer viruses and virus detection products and services.
Audit and Control
Resources on audit techniques and approaches, audit/auditor descriptions, and future directions in auditing and controls.
Vendors providing software developed specifically for use by auditors.
Information on business continuity planning issues, including risk analysis, impact assessment, emergency response, disaster recovery, contingency planning, and crisis management.
Resources on electronic business and commerce, including business and technology issues, and technical references.
Resources describing preventive, detective, and corrective measures against fraud.
Technology information and resources published in government Web sites, including guidelines, checklists, audit programs, case studies, and research results.
Vendors offering desktop and notebook computers, servers, and networking products.
Resources on information management issues, including management and technologies.
IT Audit Checklists
Checklists for general and IT audits, covering operating systems, firewalls, networks, and Web security.
Information on operating systems for mainframes, mini, and microcomputers; networking systems; database management systems; and other systems tools.
Legal issues concerning IT, auditing, e-commerce, and other uses of technology of interest to internal and IT auditors.
Mail List Servers
Mail list servers that can provide valuable information to IT auditors.
Information and organizations related to privacy issues, as well as products and services for safeguarding privacy.
Professional associations and IT organizations that are of interest to auditors.
Online and print publications of interest to IT auditors.
Legal and regulatory issues concerning IT, auditing, e-commerce, and other uses of technology.
Risk Management Information and Organizations
Risk management resources, publications, and white papers.
Risk Management Products and Services
Tools used by IT auditors for assessing IT and related risks and for contingency planning.
Security Information and Organizations
Information security resources such as computer crime investigators, computer emergency response teams, publications, research and standards organizations, and white papers.
Security Products and Services
Information security and assurance hardware, software, and services.
References and descriptions of IT- and audit-related standards and standards-setting organizations.
Information on systems developers and systems development methodologies.