Supplemental Guidance

• Business Continuity Management​
• ​Demonstrating the Core Principles for the Professional Practice of Internal Auditing
• Developing a Risk-based Internal Audit Plan​
• Developing the Internal Audit Strategic Plan​
• ​Engagement Planning: Assessing Fraud Risks
• Engagement Planning: Establishing Objectives and Scope
• Formulating and Expressing Internal Audit Opinions​
• Independence and Objectivity​
• ​Integrated Auditing
• Quality Assurance and Improvement Program​
• Talent Management

• Assessing the Risk Management Process
• Assisting Small Internal Audit Activities in Implementing the International Standards for the Professional Practice of Internal Auditing​
• Audit Reports: Communicating Assurance Results​
• Auditing Anti-corruption Activities
• ​Auditing Culture
• Auditing Executive Compensation and Benefits​
• Auditing Privacy Risks, 2nd Edition (replaces GTAG 5)​
• Auditing Third-party Risk Management
• Evaluating Ethics-related Programs and Activities​
• Internal Auditing and Fraud​

• Assessing Cybersecurity Risk: The Three Lines Model
• ​​Auditing Identity and Access Management
• Auditing Insider Threat Programs
• Auditing IT Governance (Previously GTAG 17)
• ​Auditing IT Projects (Previously GTAG 12)
• Auditing Mobile Computing
• ​Business Continuity Management (Previously GTAG 10)
• Continuous Auditing: Coordinating Continuous Auditing and Monitoring to Provide Continuous Assurance, 2nd Edition (Previously GTAG 3)
• Data Analysis Technologies (Previously GTAG 16)​
• Fraud Prevention and Detection in an Automated World (Previously GTAG 13)
• Information Technology Outsourcing, 2nd Edition (Previously GTAG 7)
• Information Technology Risk and Controls, 2nd Edition (Previously GTAG 1)
• ​IT Change Management: Critical for Organizational Success, 3rd Edition (Previously GTAG 2)
• ​IT Essentials for Internal Auditors​
• Management of IT Auditing, 2nd Edition (Previously GTAG 4)
• ​Understanding and Auditing Big Data

• Auditing Capital Adequacy and Stress Testing for Banks
• ​​Auditing Conduct Risk
• Auditing Credit Risk Management
• ​​Auditing Market Risk in Financial Institutions​
• ​Auditing Model Risk Management
• Auditing Liquidity Risk: An Overview
• ​Foundations of Internal Auditing in Financial Services Firms

• Assessing Organizational Governance in the Public Sector​
• ​Auditing Grants in the Public Sector
• Auditing Procurement in the Public Sector
• Creating an Internal Audit Competency Process for the Public Sector
• ​​Unique Aspects of Internal Auditing in the Public Sector

Applying The IIA’s International Professional Practices Framework as a Professional Services Firm

Internal Audit Strategy and Best Practices

• Chief Audit Executives — Appointment, Performance, Evaluation, and Termination​
• ​​Coordination and Reliance: Developing an Assurance Map
• ​Demonstrating the Core Principles for the Professional Practice of Internal Auditing​
• ​Integrated Auditing
• Interaction with the Board​
• Measuring Internal Audit Effectiveness and Efficiency​
• Selecting, Using, and Creating Maturity Models: A Tool for Assurance and Consulting Engagements​

General Best Practices

• Assessing Organizational Governance in the Private Sector​
• Auditing Anti-corruption Activities

Global Technology Audit Guides (GTAGs)

• Auditing Smart Devices: An Internal Auditor's Guide to Understanding and Auditing Smart Devices