Information Technology Audit Guidance and Resources

IIA Technology Audit Research and Development News

IIA Call for Papers – The 5th IT Audit Research Symposium  

The IIA International Advanced Technology Committee and The IIA Research Foundation are pleased to announce the fifth IT Audit Research Symposium to be held in Atlanta, Georgia, USA, on Sunday, June 6, 2010, in conjunction with The IIA’s International Conference. Scholars, researchers, and internal audit practitioners are invited to send a paper abstract in subjects relevant to challenging IT auditing. Selected delegates will present their research proposals, dialogue with and receive feedback from academics and practitioners in the symposium. For more detail, please see the Call for Papers.

IIA releases New Practice Guide
PG GTAG-13: Fraud Prevention and Detection in an Automated World 
This GTAG provides an overview of IT related fraud risks and techniques for effectively engaging technology to assess the risks related to fraud. The IIA Standards requires internal auditors to have sufficient knowledge to evaluate the risk of fraud and the manner in which it is managed by the organization, and exercise due professional care by considering the probability of significant errors, fraud, or noncompliance. This GTAG focuses on IT related fraud risks and risk assessments and how the use of technology can help internal auditors and other key stakeholders within the organization address fraud and fraud risks.

The IIA's practice guide series: GTAG and GAIT
Global Technology Audit Guide (GTAG) series
The GTAG series was created to provide high-level technology information from a business point of view that can help internal auditors worldwide better understand the different risks, controls, and governance issues surrounding technology. Along with the GAIT guides, GTAGs are officially recognized as "strongly recommended guidance" under the International Professional Practices Framework (IPPF).

Guide to the Assessment of IT Risk (GAIT) series

The GAIT series describes the relationships among business risk, key controls within business processes, automated controls and other critical IT functionality, and key controls within IT general controls. Each practice guide in the series addresses a specific aspect of IT risk and control assessments. 

What is The IIA Doing Regarding Technology? presentation (PDF, 500KB).
Get a brief overview of The IIA's Advanced Technology Committee and the guidance it oversees.

Explore the links in the right-hand column for more technology-related guidance.