Dan Swanson’s Security Resources: #13

Published: August 7th, 2008

This posting is about learning from best practice guidance and leading papers and studies that have been published by a diverse group of organizations.

1. The GAO web site is one of my favorite places to visit for IT and IT Security guidance although their research effort is much much broader than just these two activities.

2. The IIA is funding a long term effort to develop a series of global technology audit guides which are useful to both auditors and IT practitioners. The GTAGs are published only after an extensive review process is completed.

3. Finally, while people either are very for or very against Wikipedia as a source of good information visiting this repository periodically can be useful. This week I highlight its efforts regarding information technology governance.

Good luck and have another great week.

Dan Swanson


1. The U.S. Government Accountability Office (the GAO)

The Government Accountability Office (GAO) is an agency that works for Congress and the American people. Congress asks GAO to study the programs and expenditures of the federal government. GAO, commonly called the investigative arm of Congress or the congressional watchdog, is independent and nonpartisan. It studies how the federal government spends taxpayer dollars and advises Congress and the heads of executive agencies about ways to make government more effective and responsive. www.gao.gov

Leading best practice guidance on various management practices – http://www.gao.gov/aac.html
Leading IT and IM guidance – http://www.gao.gov/special.pubs/cit.html

2. Global Technology Audit Guide (GTAG)

The Institute of Internal Auditors (The IIA) is producing a series of publications with guidance on information technology. Written primarily for the chief internal audit executive (CAE) and audit supervisors, the guides address concerns of the board of directors and chief-level executives. Each Global Technology Audit Guide (GTAG)

Would you recommend this article?

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada

Related Download
Moving to the Cloud: Beyond the Myths Sponsor: Carbon60
Moving to the Cloud: Beyond the Myths
Get on the road to cloud success by moving past the myths around it.
Register Now