GTAG: Auditing Business Applications, 2nd Edition

This content is exclusively available for free in PDF format to IIA members. Please use this link to download your copy today!

Given the critical role of applications as enablers of business processes, a risk-based internal audit plan should include engagements that evaluate standardized and system-specific controls to determine whether significant risks are adequately managed.

Common examples of business applications include systems such as enterprise resource planning, point-of-sale, industrial control, customer relationship management, and billing.

This guide draws from three widely used frameworks to help auditors work with IT-IS to develop an assessment plan and tests to evaluate the design and implementation of relevant controls.

The guidance replaces the previous edition published in 2021.

IIA Bookstore eBook Buying Guide

The eBook which is accessed through our third-party platform, VitalSource, allows the user to experience greater readability. VitalSource eBooks are user friendly, feature full, and functional. 

With an eBook you will have: 

• Easy access and storage via VitalSource.
• User-friendly search, and improved interactivity.
• Edit options to manipulate text size, font, background, and layout. 
• Ability to annotate, bookmark, and create flashcards.