Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Audit Guidelines

Welcome to the Audit Guidelines topic!

Collaborate, contribute, consume and create knowledge around topics such as Audit charter, independence (organisational and professional), engagement planning, Risk Assessment, sampling, reporting and follow-up activities.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
941 Members
6 Online
13032 Visits

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 31 total

Must be a Topic member to contribute
View All »
Hi All, I have a similar query posted in community "Audit Tools Techniques" but I found here may be more appropriate therefore I revised the query and hope to discuss here. There is an enterprise customer (I call it customer) which have a large IP n...
K.C. Lam, Dicky | 10/5/2015 2:10:08 AM | COMMENTS(3)
Dear all, We, in my organization, are currently brainstorming about the issues related to pentest and vulnerability testing. So far, these tests have always been considered as being a 'Permanent Control' responsibility. As a result, us Internal Audito...
Clément329 | 9/30/2015 10:55:07 AM | COMMENTS(2)
Dear All, I need your thoughts on this; Should an IT Auditor be present (as an auditor/observer) during the UAT of a system that s/he will most probably audit in the future.  Personally, I think there is nothing wrong in this, in fact, it can be a good le...
Umar Matloob | 8/10/2015 5:11:44 AM | COMMENTS(4)
Group, I need some insight from some seasoned internal (IT) auditors. Although I'm not new to IT or IT security, I am fairly new with IT auditing. I've been tasked with starting to carry out a series of IT audits of some of our critical healthcare EHR sys...
Carl097 | 8/3/2015 6:46:09 AM | COMMENTS(15)
This may have been asked a million times before, but .... any suggestions on resources mapping out the model process for establishing an Internal IT Audit function ? This use case is a start uo financial services sector org, but it's general principles an...
Christopher689 | 7/23/2015 1:56:47 PM | COMMENTS(3)
Hi Everyone, ISACA Ireland are now starting to plan for the 2015 conference and are keen to encourage knowledge center members to submit a speaker proposal for consideration.  I hope no one minds me posting the below details of the call for papers and loo...
Neil_Curran | 6/17/2015 3:42:08 AM | COMMENTS(2)

Documents & Publications: 72 total

Must be a Topic member to contribute
View All »
Ways to address and resolve SOD conflicts for SOX compliance are presented in an easily implementable format. - By Bala Kaundinya, Risk Advisory Manager from Ernst & Young
Posted by Bala_Krishnan_CISA_CIPP 122 days ago
Posted by ISACA 207 days ago
Posted by ISACA 209 days ago
Posted by ISACA 245 days ago
Posted by ISACA 280 days ago

Events & Online Learning: 8 total

14 Oct 2013
ISACA International Event
Boston, MA, USA
11 Aug 2014
ISACA International Event
Seattle, WA, USA
17 Aug 2015
ISACA International Event
Phoenix, Arizona, US
2015 GRC Conference - August 17-19, Phoenix, AZ. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 130 total

Volume 4, 2015
by Ed Gelbstein, Ph.D.
Having been audited many times over the years, it would have been of great help if the auditors had taken the time to brief us on what they were going to do, why and how this would be done, and what our role in the process would be.
Volume 4, 2015
by Muhammad Mushfiqur Rahman, CISA, CEH, CHFI, CCNA, ISO 27001 LA, ITIL V3, MCITP, MCP, MCSE, MCTS, OCP, SCSA
Server auditing is an important task to ensure platform-level security in an IT infrastructure and to ensure the proper configuration of Linux server security.
Volume 2, 2015
by Ed Gelbstein, Ph.D.
Everybody wants an audit to be successful. Given that success may mean different things to the parties involved, due attention needs to be given to their criteria.
Volume 1, 2015
by ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques
Volume 1, 2015
by David Henderson, Steven D. Sheetz and Linda Wallace
The potential of software metrics to increase control of the software development process naturally makes the appropriate use of software metrics a concern for IS auditors.
Volume 6, 2014
by ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques

Wikis: 2 total

Blog Posts: 2 total

Must be a Topic member to view blog posts
Agile technique in software development has been around for quite some time. There have been efforts to adopt the agile techniques for strategic planning, alignment and execution. Following are some of the relevant articles/blog posts in this area. The to...
Posted By : SA | 0 comments
13 Nov 2014
Posted By : masarker | 4 comments