Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Fraud Detection

Fraud Detection

Ratings: (0)|Views: 1,241 |Likes:
Published by Marco Almeida

More info:

Categories:Types, Business/Law
Published by: Marco Almeida on Jun 16, 2010
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





Fraud Preventionand Detection inan Automated World
IPPF Practice Guide
Global Technology Audit Guide (GTAG)
Written in straightorward business language to address a timely issue related to IT management, control, and security, the GTAGseries serves as a ready resource or chie audit executives on dierent technology-associated risks and recommended practices.
Information Technology Controls:
Topicsdiscussed include IT control concepts, theimportance o IT controls, theorganizational roles and responsibilities orensuring eective IT controls, and riskanalysis and monitoring techniques.
Change and PatchManagement Controls:Critical forOrganizationalSuccess
Change and Patch Management Controls:
Describes sources o change and their likelyimpact on business objectives, as well ashow change and patch managementcontrols help manage IT risks and costs andwhat works and doesn’t work in practice.
Continuous Auditing:Implications for Assurance,Monitoring, andRisk Assessment
Continuous Auditing:
Addresses the roleo continuous auditing in today’s internalaudit environment; the relationship o continuous auditing, continuousmonitoring, and continuous assurance; andthe application and implementation o continuous auditing.
Management of ITAuditing
Management of IT Auditing:
DiscussesIT-related risks and defnes the IT audituniverse, as well as how to execute andmanage the IT audit process.
Managingand AuditingPrivacy Risks
Managing and Auditing Privacy Risks:
 Discusses global privacy principles andrameworks, privacy risk models andcontrols, the role o internal auditors, top 10privacy questions to ask during the course o the audit, and more.
Managing and AuditingIT Vulnerabilities
Managing and Auditing IT Vulnerabilities:
 Among other topics, discusses thevulnerability management lie cycle, thescope o a vulnerability management audit,and metrics to measure vulnerabilitymanagement practices.
Information Technology Outsourcing:
Discusses how to choose the right IToutsourcing vendor and key outsourcingcontrol considerations rom the client’s andservice provider’s operation.
Auditing Application Controls:
Addressesthe concept o application control and itsrelationship with general controls, as well ashow to scope a risk-based applicationcontrol review.
Identity and AccessManagement
Identity and Access Management:
Coverskey concepts surrounding identity andaccess management (IAM), risks associatedwith IAM process, detailed guidance onhow to audit IAM processes, and a samplechecklist or auditors.
Business ContinuityManagement
Business Continuity Management:
Defnesbusiness continuity management (BCM),discusses business risk, and includes adetailed discussion o BCM programrequirements.
Developing theIT Audit Plan
Developing the IT Audit Plan:
Providesstep-by-step guidance on how to develop anIT audit plan, rom understanding thebusiness, defning the IT audit universe, andperorming a risk assessment, to ormalizingthe IT audit plan.
Auditing IT Projects:
Provides an overviewo techniques or eectively engaging withproject teams and management to assess therisks related to IT projects.
Visit The IIAs Web site at www.theiia.org/technology to download the entire series.
Global Technology Audit Guide (GTAG®) 13
December 2009Copyright © 2009 by The Institute of Internal Auditors Inc. (IIA) 247 Maitland Ave., Altamonte Springs, FL 32701-4201, USA.All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form by anymeans — electronic, mechanical, photocopying, recording, or otherwise — without prior written permission from the publisher.The IIA publishes this document for informational and educational purposes. This document is intended to provide information, but isnot a substitute for legal or accounting advice. The IIA does not provide such advice and makes no warranty as to any legal or accountingresults through its publication of this document. When legal or accounting issues arise, professional assistance should be retained.
Fraud Prevention and Detectionin an Automated World

Activity (60)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
Keneni Taye liked this
srnscribd liked this
wadoud651 liked this
aentili liked this
nnbphuong81 liked this
Rockhawk1 liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->