This posting is about learning from best practice guidance and leading papers and studies that have been published by a diverse group of organizations.
1. The GAO web site is one of my favorite places to visit for IT and IT Security guidance although their research effort is much much broader than just these two activities.
2. The IIA is funding a long term effort to develop a series of global technology audit guides which are useful to both auditors and IT practitioners. The GTAGs are published only after an extensive review process is completed.
3. Finally, while people either are very for or very against Wikipedia as a source of good information visiting this repository periodically can be useful. This week I highlight its efforts regarding information technology governance.
Good luck and have another great week.
1. The U.S. Government Accountability Office (the GAO)
The Government Accountability Office (GAO) is an agency that works for Congress and the American people. Congress asks GAO to study the programs and expenditures of the federal government. GAO, commonly called the investigative arm of Congress or the congressional watchdog, is independent and nonpartisan. It studies how the federal government spends taxpayer dollars and advises Congress and the heads of executive agencies about ways to make government more effective and responsive. www.gao.gov
Leading best practice guidance on various management practices – http://www.gao.gov/aac.html
Leading IT and IM guidance – http://www.gao.gov/special.pubs/cit.html
2. Global Technology Audit Guide (GTAG)
The Institute of Internal Auditors (The IIA) is producing a series of publications with guidance on information technology. Written primarily for the chief internal audit executive (CAE) and audit supervisors, the guides address concerns of the board of directors and chief-level executives. Each Global Technology Audit Guide (GTAG)