Supplemental Guidance
Supplemental Guidance
Supplemental Guidance provides detailed guidance for conducting internal audit activities. These include topical areas, sector-specific issues, as well as processes and procedures, techniques, programs, step-by-step approaches, and examples of deliverables.
To provide you with the most up-to-date guidance possible, Global Guidance titles issued prior to 2017 will be removed from this page on Oct. 1, 2024. These titles do not support the Global Internal Audit Standards issued earlier this year. Members may download pdf versions before that date. Select titles will be updated and made available as soon as possible.
-
- Business Continuity Management
- Chief Audit Executives — Appointment, Performance, Evaluation, and Termination
- Coordination and Reliance: Developing an Assurance Map
- Demonstrating the Core Principles for the Professional Practice of Internal Auditing
- Developing a Risk-based Internal Audit Plan
- Developing the Internal Audit Strategic Plan
- Engagement Planning: Assessing Fraud Risks
- Engagement Planning: Establishing Objectives and Scope
- Formulating and Expressing Internal Audit Opinions
- Independence and Objectivity
- Integrated Approaches to Internal Auditing
- Measuring Internal Audit Effectiveness and Efficiency
- Quality Assurance and Improvement Program
- Reliance by Internal Audit on Other Assurance Providers
- Selecting, Using, and Creating Maturity Models: A Tool for Assurance and Consulting Engagements
- Talent Management
-
- Assessing Organizational Governance in the Private Sector
- Assessing the Risk Management Process
- Assisting Small Internal Audit Activities in Implementing the International Standards for the Professional Practice of Internal Auditing
- Audit Reports: Communicating Assurance Engagement Results
- Auditing Anti-corruption Activities
- Auditing Culture
- Auditing Executive Compensation and Benefits
- Auditing Privacy Risks, 2nd Edition (replaces GTAG 5)
- Auditing Third-party Risk Management
- Coordinating Risk Management and Assurance
- Evaluating Ethics-related Programs and Activities
- Interaction with the Board
- NEW! Internal Auditing and Fraud, 3rd Edition
-
- Assessing Cybersecurity Risk: The Three Lines Model
- Auditing Business Applications
- Auditing Cyber Incident Response and Recovery
- Auditing Cybersecurity Operations: Prevention and Detection
- Auditing Identity and Access Management
- Auditing Insider Threat Programs
- Auditing IT Governance (Previously GTAG 17)
- Auditing IT Projects (Previously GTAG 12)
- Auditing Mobile Computing
- NEW! Auditing Network and Communications Management
- Business Continuity Management (Previously GTAG 10)
- Continuous Auditing: Coordinating Continuous Auditing and Monitoring to Provide Continuous Assurance, 2nd Edition (Previously GTAG 3)
- Data Analysis Technologies (Previously GTAG 16)
- Fraud Prevention and Detection in an Automated World (Previously GTAG 13)
- Information Technology Outsourcing, 2nd Edition (Previously GTAG 7)
- Information Technology Risk and Controls, 2nd Edition (Previously GTAG 1)
- IT Change Management: Critical for Organizational Success, 3rd Edition (Previously GTAG 2)
- IT Essentials for Internal Auditors
- Management of IT Auditing, 2nd Edition (Previously GTAG 4)
- Understanding and Auditing Big Data
-
- Auditing Capital Adequacy and Stress Testing for Banks, 2nd edition
- Auditing Liquidity Risk Management For Banks, 2nd Edition
- Auditing Conduct Risk
- Auditing Credit Risk Management
- Auditing Market Risk in Financial Institutions
- Auditing Model Risk Management
- Foundations of Internal Auditing in Financial Services Firms
-
- Assessing Organizational Governance in the Public Sector
- Auditing Grants in the Public Sector
- Auditing Procurement in the Public Sector
- Building an Effective Internal Audit Activity in the Public Sector
- Creating an Internal Audit Competency Process for the Public Sector
- Unique Aspects of Internal Auditing in the Public Sector