Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Audit Guidelines

Welcome to the Audit Guidelines topic!

Collaborate, contribute, consume and create knowledge around topics such as Audit charter, independence (organisational and professional), engagement planning, Risk Assessment, sampling, reporting and follow-up activities.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
978 Members
1 Online
13353 Visits

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 35 total

Must be a Topic member to contribute
View All »
Good afternoon all.   I'm currently working on my IT audit plan for next year and an important contributor to this process is our IT risk assessment.  I'm looking for input on what frameworks are used in the community. Could you share your thoughts? 
Arturo184 | 11/10/2015 3:17:40 PM | COMMENTS(4)
Hello Guys, I have recently become an IT Internal Auditor, although I have extensive experience in general IT field. I would like to know what is best between having IT Audit Charter independent of general Internal Audit charter and consolidating them int...
Setsabi1 Matsoso | 11/9/2015 11:15:37 AM | COMMENTS(2)
Where a contract with a 3rd party supplier provides the customer a right to audit, what would be a reasonable expectation for auditor access to artifacts that contain supplier intellectual property? For example, at an on-site audit, I would expect access ...
Phil Green | 11/8/2015 2:08:23 AM | COMMENTS(3)
  Hi Friends, Need an expert overview on the focus of IS Audit that is being performed across various organizations. It is just my view that, the focus on IS audit is more, post production of any application or system, which is more of a reactive way...
Rajesh123 | 11/8/2015 12:44:36 AM | COMMENTS(11)
I'd like to hear people's thought on the approach you would take to audit a service management process, e.g., incident management, problem management, request fulfilment, etc.   Processes like Change Management have controls that are easy to look for (e.g...
Phil Green | 11/8/2015 12:25:18 AM | COMMENTS(4)
Group, I need some insight from some seasoned internal (IT) auditors. Although I'm not new to IT or IT security, I am fairly new with IT auditing. I've been tasked with starting to carry out a series of IT audits of some of our critical healthcare EHR sys...
Carl097 | 11/8/2015 12:04:33 AM | COMMENTS(18)

Documents & Publications: 74 total

Must be a Topic member to contribute
View All »
Posted by ISACA 17 days ago
Ways to address and resolve SOD conflicts for SOX compliance are presented in an easily implementable format. - By Bala Kaundinya, Risk Advisory Manager from Ernst & Young
Posted by Bala_Krishnan_CISA_CIPP 171 days ago
Posted by ISACA 256 days ago
Posted by ISACA 258 days ago
Posted by ISACA 294 days ago

Events & Online Learning: 8 total

14 Oct 2013
ISACA International Event
Boston, MA, USA
11 Aug 2014
ISACA International Event
Seattle, WA, USA
17 Aug 2015
ISACA International Event
Phoenix, Arizona, US
2015 GRC Conference - August 17-19, Phoenix, AZ. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 132 total

Volume 4, 2015
by Ed Gelbstein, Ph.D.
Having been audited many times over the years, it would have been of great help if the auditors had taken the time to brief us on what they were going to do, why and how this would be done, and what our role in the process would be.
Volume 4, 2015
by Muhammad Mushfiqur Rahman, CISA, CEH, CHFI, CCNA, ISO 27001 LA, ITIL V3, MCITP, MCP, MCSE, MCTS, OCP, SCSA
Server auditing is an important task to ensure platform-level security in an IT infrastructure and to ensure the proper configuration of Linux server security.
Volume 2, 2015
by Ed Gelbstein, Ph.D.
Everybody wants an audit to be successful. Given that success may mean different things to the parties involved, due attention needs to be given to their criteria.
Volume 1, 2015
by ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques
Volume 1, 2015
by ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques
Volume 1, 2015
by David Henderson, Steven D. Sheetz and Linda Wallace
The potential of software metrics to increase control of the software development process naturally makes the appropriate use of software metrics a concern for IS auditors.

Wikis: 2 total

Blog Posts: 2 total

Must be a Topic member to view blog posts
Agile technique in software development has been around for quite some time. There have been efforts to adopt the agile techniques for strategic planning, alignment and execution. Following are some of the relevant articles/blog posts in this area. The to...
Posted By : SA | 0 comments
13 Nov 2014
Posted By : masarker | 4 comments