Title |
Download
or site |
| Methodware Audit Products
and Web Site |
http://www.methodware.com |
IT Governance Portal
Linking Business Objectives and Information Technology |
http://www.itgi.org/ |
| AuditNet®,
the auditors Web portal with links, tools and resources
developed for the benefit of the auditors by Jim Kaplan
CIA, CFE, CSM, author of The Auditor's Guide to Internet
Resources 2nd Edition. Read a review of the book now!
|
http://www.auditnet.org/ |
| The primary mission
of the U.S. Securities and Exchange Commission (SEC) is
to protect investors and maintain the integrity of the
securities markets. |
http://www.sec.gov/index.htm |
| Intellectual Property
and the Internet: Who Owns the Information? |
IntelPropInternetWhoOwns |
| Secure E-Business |
SecureEBusiness.pdf |
Risk
Based Auditing for Banks & Financial Institutions
Multiple downloads for IFCI presentations http://www.iir-conferences.com/site/free-downloads.cfm?iv=22
requires registration |
http://www.iir-conferences.com/ |
Allocation of Risk
Capital in Financial Institutions.
|
http://www.findarticles.com/ |
Control Objectives
for Information
and related Technology |
http://www.isaca.org/CobiT®.orizon.htm |
| Board Briefing on IT
Governance |
Board_Briefing_final.pdf_1.pdf |
| CobiT®.3rd Edition Management
Guidelines |
CobiT®.
3rd Edition Management Guidelines.pdf |
| CobiT®.3rd Edition Control
Objectives |
Control
Objectives.pdf |
| CobiT®.3rd Edition Executive
Summary |
Executive
Summary.pdf |
| CobiT®.3rd Edition Framework |
Framework
CobiT®.pdf |
| CobiT®.3rd Edition Implementation
Tool Set |
Implementation
Tool Set.pdf |
| IT Strategy Committee |
ITStrategyCommittee.pdf |
| From Chaos
to Control; The CIO's Executive Guide to Managing and
Securing the Enterprise Chapter One |
CEGMSE-Ch1a.pdf |
| From Chaos
to Control; The CIO's Executive Guide to Managing and
Securing the Enterprise Chapter Two |
CEGMSE-Ch2a.pdf |
New
From ISACA - This is why we PAY OUR DUES! |
| IT Control Practice
Statement For the CobiT®.High Level Control Objective AI-1 Identify Automated Solutions |
CPS-AI1.pdf Requires
an ISACA membership for download. Please visit http://www.isaca.org |
| IT Control Practice
Statement For the CobiT®.High Level Control Objective AI-2 Acquiring and Maintaining
Application Software |
CPS-AI2.pdf
Requires
an ISACA membership for download. Please visit http://www.isaca.org |
| IT Control Practice
Statement For the CobiT®.High Level Control Objective AI-3 Acquire and Maintain Technology
Inftrastructure |
CPS-AI3.pdf
Requires
an ISACA membership for download. Please visit http://www.isaca.org |
| IT Control Practice
Statement For the CobiT®.High Level Control Objective AI-4 Develop And Maintain Procedures |
CPS-AI4.pdf Requires
an ISACA membership for download. Please visit http://www.isaca.org |
| IT Control Practice
Statement For the CobiT®.High Level Control Objective AI-5 Install and Accredit Systems |
CPS-AI5.pdf
Requires
an ISACA membership for download. Please visit http://www.isaca.org |
| IT Control Practice
Statement For the CobiT®.High Level Control Objective AI-6 Manage Change |
CPS-AI6.pdf Requires
an ISACA membership for download. Please visit http://www.isaca.org |
| IT Control Practice
Statement For the CobiT®.High Level Control Objective DS-5
Ensure Systems Security |
CPS-DS5.pdf
Requires
an ISACA membership for download. Please visit http://www.isaca.org |
| IT Control Practice
Statement For the CobiT®.High Level Control Objective M1 Monitor the Processes |
CPS-M1.pdf
Requires
an ISACA membership for download. Please visit http://www.isaca.org |
| IT Control Practice
Statement For the CobiT®.High Level Control Objective PO-9 Assess Risks |
CPS-PO9.pdf Requires
an ISACA membership for download. Please visit http://www.isaca.org |
Sarbanes
Oxley |
| Sarbanes Oxley, Actual
Legislation |
Sarbanes-Oxley
Legislation or SarbanesOxley.pdf (PB&SP Server) |
| IS Auditing Procedure
Control Risk Self Assessment Exposure Draft |
CRSA.pdf |
| Audit Risk; Proposed
International Standards on Auditing; AND Proposed Amendment
to ISA 200 "Objective and Principles Governing an
Audit of Finanical Statements" IFAC |
ED-Audit_Risk_Oct021.pdf |
| KPMG A New Focus On
Government; Managing Stakeholder Expectations to Sustain
Business Value |
KPMG
Stakeholder_Governance.pdf |
EXPOSURE
DRAFT PROPOSED STATEMENTS ON AUDITING STANDARDS Auditing
an Entity’s Internal Control Over Financial Reporting
in Conjunction With the Financial Statement Audit // and
// Amendment to Statement on Auditing Standards No. 100,
Interim Financial Information
PROPOSED STATEMENT ON STANDARDS FOR ATTESTATION ENGAGEMENTS
Reporting on an Entity’s Internal Control Over Financial
Reporting March 18, 2003
Prepared by the AICPA Auditing Standards Board for comment
from persons interested in auditing and reporting issues |
Exposure
Draft 2003_0318
_ssae_intcontrl.pdf |
| The Sarbanes Oxley
Act of 2002 and current Proposal by NYSE, AMEX and NASDAQ,
Board and Audit Committee Roles in the Era of Corporate
Reform |
Final
SO WP #2 - BoardsAC.pdf |
Phoenix Business
& Systems Process utilizes the services of CFO Direct,
a web service of PriceWaterHouseCoopers.
We urge others to login and make full advantage of
this outstanding resource. |
http://www.cfodirect.com/ |
| The Sarbanes
Oxley Act of 2002; Strategies For Meeting New Internal
Control Reporting Challenges, A White Paper |
PWC_IC_03.07.03_Sarbox_WP1.pdf |
| FISCAM - Federal Information
Systems Controls Audit Manual (GAO) |
http://www.gao.gov/ |
| Systems Auditability
and Control (SAC) -- IIA RF |
http://www.theiia.org/eSAC |
| Electronic Systems Assurance
and Control (eSAC) -- IIA RF Series of reports on IT management
and security topics |
http://www.theiia.org/eSAC |
| Common Sense Guide for
Senior Managers (Internet Security Alliance) |
http://www.isalliance.org/ |
| Building Security in
the Digital Resource: An Executive Resource -- Business
Roundtable, November 2002 |
http://www.businessroundtable.org/ |
| Information Security
for Executives -- Business and Industry Advisory Committee
to the OECD, and International Chamber of Commerce, Paris,
November 2003 |
http://www.iccwbo.org/home/
e_business/word_documents/SECURITY-final.pdf |
| VISA Cardholder Information
Security Program (CISP) Digital Dozen |
http://usa.visa.com/business/
merchants/cisp_index.html?ep=v_sym_cisp |
| ICC Handbook on Information
Security Policy for Small to Medium Enterprises - International
Chamber of Commerce, April 11, 2003 |
http://www.iccwbo.org/ |
| Corporate Information
Security Evaluation for CEO's (TechNet) |
http://www.technet.org/cybersecurity/ |
| The 60 Minute Network
Security Guide (NSA SNAC) |
http://www.nsa.gov/snac/support/download.htm |
| Security Checklists
for: Mid/Large Businesses, Small Businesses, Government
Agencies, and Consumers (Business Software Alliance) |
http://global.bsa.org/usa/policy/security/checklists.phtml |
| NIST 800-26 Security
Self-Assessment Guide for Information Technology Systems |
http://csrc.nist.gov/publications/nistpubs/index.html |
| NIST 800-50 Building
an Information Tecnology Security Awareness and Training
Program |
http://csrc.nist.gov/publications/nistpubs/index.html |
| NIST 800-60 Guide
for Mapping Types of Information and Information Systems
to Security Categories, Volumes 1 & 2 |
http://csrc.nist.gov/publications/nistpubs/index.html |
| Interim Security Guidelines:
Standard 1200 -- Cyber Security -- North American Electric
Reliability Council (NERC) |
ftp:/ftp.nerccom/pub/sys/all_updl/standards/Urgent-Reg-CyberStnd-3-3121.pdf |
| Bastel II -- The New
BASEL Capital Accord -- Bank for International Settlements |
http://www.bis.org/publ/bcbsca.htm |
| ISO TR 13569 "Banking
and Related Financial Services -- Information Security
Guidelines, 9/9/2003 |
http://www.iso.org/iso/en/stdsdevelopment/ |
| BITS Framework: Managing
Technology Risk for Information Technology (IT) Service
Provider Relationships --Financial Services Roudtable
(FSR) |
http://www.bitsinfo.org/
http://www.bitsinfo.org/bits2003framework.pdf |
| Federal Financial Institutions
Examination Council (FFIEC) - FFIEC "Audit IT Examination
Handbook," and "FFIEC Audit Examination Procedures" |
http://www.ffiec.gov/
http://www.ffiec.gov/ffiecinfobase/index.htm |
