The importance of internal audits

This week`s resource selections originate from a monthly internal audit column I write for Jim Kaplan, for going on more than three years now.


Each month in Jim’s internal audit newsletter ( I highlight leading audit and security resources to assist auditors and security practitioners.


Have another great week.


Dan Swanson


Disaster Recovery (DR) and Business Continuity Planning (BCP) resources

This web page provides resources and articles on the subject of DR and BCP that you can use for reviews and planning for audits in this area.


Auditing IT Initiatives “Thought Leadership” – Particularly Useful When an IT Project Failure is NOT An Option!

Some key questions to consider:

– Does the proposed IT solution work & will it meet the needs of the organization?

– Does the security aspect of the IT solution work?

– Will the privacy of the organization’s information be maintained?

– Will the staff know how to perform “productively” and accurately?

– Have we done everything necessary to be prepared?

– Are we ready to implement and how do you know it'll work?

Some leading resources to assist your “readiness” assessment effort are available here.


Auditing for Fraud “Thought Leadership” – Because bad things are happening

Some companies have significantly lower levels of misappropriation of assets and are less susceptible to fraudulent financial reporting than others. Why? Because they aggressively take steps to prevent and detect fraud, end of story (it’s that simple). At these exemplary companies, management is responsible for designing and implementing systems and procedures for the prevention and detection of fraud—and, along with the board of directors, for ensuring a culture and environment that promotes honesty and ethical behavior.


Security Management resources

A variety of information security management resources have been gathered at this one web page


Auditing Risk Management is strongly recommended

Some resources to assist your risk management efforts are available at this one web page.

Auditing security using the PCI standard and related guidance – (Because personal information must be protected)
We need to protect personal information much more than ever before and extensive help from the PCI Security Standards Council and numerous other organizations does exist.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

IT World Canada in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Latest Blogs

Senior Contributor Spotlight