Showing 1-25 of 125 results
This practice guide provides guidance on the uses of maturity models, identifies considerations for their selection, and provides instructions on how to build them. Components of existing
Updated information on important regulations for financial institutions. Auditing Capital Adequacy and Stress Testing for Banks, 2nd Edition Internal audit plays a crucial role in providing
Discusses differences between internal and external audit mandates. Explores how the IPPF can assist with executing both mandates. Applying The IIA’s International Professional Practices
Help internal auditors develop competence in providing assurance over cybersecurity risks. Assessing Cybersecurity Risk: The Three Lines Model Designed to help internal auditors develop competence
Discusses an external provider's responsibility for informing the organization of the organization's responsibility for maintaining an effective internal audit activity, including a
This Practice Guide, which replaces The IIA’s Global Technology Audit Guide (GTAG) “Managing and Auditing Privacy Risks” published in June 2006, provides practitioners with a foundation for
This guide will assist internal auditors with an explanation of the audit approach, audit considerations such as access to information and privileged communications, as well as the skills and
Discusses the minimum criteria the CAE must fulfill in managing the internal audit activity. 2000 – Managing the Internal Audit Activity Discusses the minimum critieria the CAE must fulfill in
Discusses the CAE's responsibilities for communication and approval of internal audit's plans and resource requirements. 2020 – Communication and Approval Discusses the CAE's responsibilities
Discusses the CAE's establishment of policies and procedures. 2040 – Policies and Procedures Discusses the CAE's establishment of policies and procedures. Includes guidance on form and content.
Explores the CAE's responsibility for discussing management's acceptance of risks with management and the board. 2600 – Communicating the Acceptance of Risks Explores the CAE's responsibiltiy
Discusses internal audit's work regarding the assessment and continuous improvement of controls. 2130 – Control Discusses internal audit's work regarding the assessment and continuous improvement
Discusses the process of developing and documenting work programs. 2240 – Engagement Work Program Discusses the process of developing and documenting work programs. Identifies common formats.
The Three Lines Model GTAG: Assessing Cybersecurity Risk Identifying, Assessing, and Mitigating Cyber Threats Organizations of all types are becoming more vulnerable to cyber threats due to their
This practice guide explains how conforming with the Mandatory Guidance of the IPPF supports the realization of the broader, more encompassing Core Principles. Demonstrating the Core Principles
This GTAG describes how members of governing bodies, executives, IT professionals, and internal auditors address significant IT-related risk and control issues and presents relevant frameworks
Understand insider threats and related risks by providing an overview of common dangers, key risks, and potential impacts. GTAG: Auditing Insider Threat Programs This GTAG helps internal auditors
Learn about our partners
We are continually searching for innovative products and services to enhance our members' ability to meet their rising stakeholder demands.