Home Home Contact Us Register MyIIA Privacy Sitemap
Technical Services - IIA-Australia

Practice Guides

Practice Guides provide detailed guidance for conducting internal audit activities. They include detailed processes and procedures, such as tools and techniques, programs, and step-by-step approaches, as well as examples of deliverables.

Practice Guides are available as a Member only resource or alternatively can be purchased as part of the International Professional Practices Framework (IPPF) from the Australian Bookstore

Practice Guides

Global Technology Audit Guide (GTAG®) 03: Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment 2nd edition ( , 399 KB )
03-Mar-15 | GTAG | IIA Global | Access: All Members
The new edition focuses primarily on the technology-enabled aspects of continuous auditing and addresses a definition of related terms and techniques; areas where continuous auditing can be applied by the internal audit activity; challenges and opportunities related to continuous auditing; and the implications of continuous auditing for internal auditing, the CAE, and management.

Practice Guide: Auditing Anti-bribery and Anti-Corruption Programs ( , 305 KB )
01-Jun-14 | Practice Guide | IIA Global | Access: All Members
A new Practice Guide has been released - Auditing Anti-bribery and Anti-Corruption Programs. The guide identifies key components of such programs and internal auditors' responsibilities within each. It complements The IIA's 2009 Practice Guide, Internal Auditing and Fraud, which was designed to increase internal auditors' awareness of fraud and provide guidance on how to address fraud risks in internal audit engagements. Two Australian members were involved in its development - Andrew MacLeod and Stephen Linden.

Practice Guide: Business Continuity Management ( , 1 MB )
01-Aug-14 | Practice Guide | IIA Global | Access: All Members
Business continuity management (BCM) is a risk management approach based on business value. It matches business continuity capabilities and risks. The goal of BCM is to enable any organization to restore critical operational activities, manage communications, and minimize financial and other effects of a disaster, business disruption, or other major events. This practice guide specifically discusses the definitions of Business Continuity Management (BCM) and Crisis Management (CM), the activities that may be performed by internal audit before, during, and after a crisis and internal audit's evaluation of key BCM elements. Also, practice aids are provided in the appendices.

Practice Guide: Assessing Organisational Governance in the Public Sector ( , 414 KB )
01-Oct-14 | Practice Guide | IIA Global | Access: All Members
The guide provides public sector auditors with direction on how to assess governance activities and processes and make appropriate recommendations for improving them.

Practice Guide: Talent Management: Recruiting, Developing, Motivating, and Retaining Great Team Members ( , 1 MB )
03-Dec-15 | Practice Guide | IIA Global | Access: All Members
Talent Management: Recruiting, Developing, Motivating, and Retaining Great Team Members outlines best practice recommendations for the various elements - everything from assessing competencies and selecting candidates to training and succession planning - that make up an organization's talent management strategy.

GTAG® 01: Information Technology Controls, 2nd Edition ( , 3 MB )
01-Mar-12 | GTAG | IIA Global | Access: All Members
This global technology audit guide provides information on available frameworks for assessing IT controls and describes how to establish the right framework for an organisation.

GTAG® 02: Change and Patch Management Controls: Critical for Organisational Success, 2nd Edition ( , 717 KB )
01-Mar-12 | GTAG | IIA Global | Access: All Members
Like information security, management of IT changes is a fundamental process that can cause damage to the entire enterprise and easily disrupt operations if it is not performed well. The objective of this global audit technology guide is to convey how effective and efficient IT change and patch management contribute to organisational success.

Global Technology Audit Guide (GTAG®) 04: Management of IT Auditing - 2nd Edition ( , 225 KB )
01-Jan-13 | GTAG | IIA Global | Access: All Members
GTAG 4: Management of IT Auditing, 2nd edition, helps chief audit executives (CAEs) keep pace with the ever-evolving landscape of information technology (IT) as it relates to IT auditing. The guide is written in straightforward business language that frames technology concepts in a context easy to understand for the business professional. The second edition takes into account the latest developments in the IT landscape and empowers CAEs to more efficiently and effectively manage their IT audit work by focusing on three core areas: Determining where IT audit resources are needed; Accurately evaluating IT-related risks; Effectively executing IT audit work.

Global Technology Audit Guide (GTAG®) 05: Managing and Auditing Privacy Risks replaced by Practice Guide, Auditing Privacy Risks, 2nd edition ( , 559 KB )
02-Jul-12 | GTAG | IIA Global | Access: All Members
One of the many challenging and formidable risk management issues faced by organizations today is protecting the privacy of personal information about customers, employees,and business partners. Consumers are concerned with how businesses and organizations use and protect this information. Business owners and management want to meet the needs and expectations of their customers, business partners, and employees; keep any commitments pursuant to contractual agreements; and comply with applicable data privacy and security laws and regulations. Privacy is a global issue. Many countries have adopted privacy legislation governing the use of personal information, as well as the export of this information across borders. For businesses to operate effectively in this environment, they need to understand and comply with these privacy laws.

Global Technology Audit Guide (GTAG®) 06: Managing and Auditing IT Vulnerabilities ( , 631 KB )
31-Dec-08 | GTAG | IIA Global | Access: All Members
This global technology audit guide aims to help CAEs pose the correct questions to their IT security staff when assessing the effectiveness of their vulnerability management processes. The guide recommends specific management practices to help an organisation achieve and sustain higher levels of effectiveness and efficiency and illustrates the differences between high- and low-performing vulnerability management efforts.

1 2 3 4 5