What Is Truth to Power?

dedicated to bridging the gaps between governance and practice, technology and business, regulation and control, risk management and real market pressures, and your own knowledge and the knowledge of your peers.

built to create a common pool of knowledge—one big brain—that lets you work more efficiently, build technology and business practices more effectively, and endure audits more effortlessly.

a neutral hub through which you can reach many valuable information nodes, resource collections, and organizations that are helping people like you already, but in fractured ways.

against the idea that auditors, analysts, and consultancies can control information simply through their ability to collect and distill it. T2P's goal is to unlock the vast body of knowledge, insight, and conventional wisdom that we all have, make it freely available to you, and help you digest and interpret it—without undue cost, bias, or hype.

IT Audit Checklists

IT Audit Checklists are a T2P members-only resource. Originally published by the IT Compliance Institute, the checklists offer practical guidance and experience-based insight to help IT, compliance, and business managers prepare for more successful and productive internal audits.

In addition to helping you understand what auditors look for and why, IT Audit Checklists support proactive operational self-assessments. By measuring your internal processes against the managerial, operational, and technical control objectives in these papers, you can uncover new opportunities for system and process improvements—and address them in advance of an actual audit.

IT Audit Checklist: IT Governance and Strategy

Guidance on assessing the completeness, effectiveness, and sustainability of existing IT governance and high-level strategy. Includes more than 120 specific checklist items.

IT Audit Checklist: Risk Management

Advice on the necessary preparation, planning, and communication strategies involved in a successful risk-management audit. Includes 80 specific checklist items.

IT Audit Checklist: Information Security

Supports an internal audit of the organization's information security program with guidance on improving information security programs and processes. Includes 228 specific checklist items.

IT Audit Checklist: Privacy and Data Protection

Supports an internal audit of the organization's regulatory, legal, contractual, and business requirements for maintaining the confidentiality and integrity of sensitive information related to itself, employees, customers, business partners, and other entities. Includes 270 specific checklist items.

IT Audit Checklist: Change Management

Supports an internal audit of the organization's change management policies in order to verify compliance and look for opportunities to improve efficiency, effectiveness, and economy. Includes 187 specific checklist items.

If you like the IT Audit Checklists, you might also like:

PCI: Requirements to Action
Practical Guidance on More Efficient, Effective Compliance

The PCI Data Security Standard (PCI DSS) can represent an effective baseline for enterprise information security. The greater challenge, however, is making PCI compliance an integral and efficient part of enterprise security programs. This in-depth paper combines high-level analysis with control-level pointers to help compliance and IT managers demystify the PCI DSS and align it with broader risk- and security-management practices.
Don Turnblade (19.Dec.11 (11:20:57))
Process Capability

As a Six Sigma Blackbelt, I can see that a check list based approach to the Audit Process could improve its quality and consistence by following the first two stages of a Six Sigma Process: Define and Measure.

Still, there does not seem to be described any Analytical measures of the test effectiveness of these lists for me to consider when evaluating the worth of a testing approach in furtherance of good Audit Process improvement or quality improvement approaches to client processes to be measured.

Is it possible to attest to any of the false positive or false negative experiences of Auditors while using such defined test lists? (A strange question I know, but useful for the adopting of Quality Audit Process Testing Procedures.)
