Practice Guides — General(實務指引— 一般)



發布日期 原文 譯文下載
2018​-02 NEW!
Coordination and Reliance: Developing an Assurance Map
2017​-10 NEW!
Engagement Planning: Assessing Fraud Risks
2017​-08 NEW!
Engagement Planning: Establishing Objectives and Scope
​2016-10 Audit Reports: Communicating Assurance Results 稽核報告-確認性專案結果之溝通
​2016-01 Internal Audit and the Second Line of Defense 內部稽核與第二道防線
​2015-12 Talent Management 才能管理
​2014-08 Business Continuity Management 業務持續管理
​2014-06 Auditing Anti-bribery and Anti-corruption Programs 反賄賂與反貪腐稽核專案
​2012-07 Auditing Privacy Risks, 2nd Edition
(replaces GTAG 5)
2012​-07 Integrated Auditing 整合性稽核
​2012-07 Selecting, Using, and Creating Maturity Models: A Tool for Assurance and Consulting Engagements 選擇、使用和建置成熟模型:確認性和諮詢專案的工具
2012-07 Assessing Organizational Governance in the Private Sector 評估私部門的機構治理
​2012-07 ​Developing the Internal Audit Strategic Plan 發展內部稽核的策略計畫
​2012-06 Evaluating Ethics-related Programs and Activities 評估與倫理有關之計畫與活動
​2012-03 Coordinating Risk Management and Assurance 協調風險管理與確認
​2012-03 Quality Assurance and Improvement Program 品質保證與改善計畫
​2011-12 Reliance by Internal Audit on Other Assurance Providers 內部稽核對其他確認性服務提供者之依賴
​2011-10 Independence and Objectivity 獨立性與客觀性
2011-08 Interaction with the Board 與董事會互動
​2011-04 Auditing the Control Environment 控制環境稽核
​2011-04 Assisting Small Internal Audit Activities in Implementing the International Standards for the Professional Practice of Internal Auditing 協助小型內部稽核單位履行國際內部稽核執業準則
​2010-12 Measuring Internal Audit Effectiveness and Efficiency 衡量內部稽核的效果與效率
2010-12 Assessing the Adequacy of Risk Management Using ISO 31000 應用ISO 31000 評估風險管理的適足性
2010-05 Chief Audit Executives — Appointment, Performance, Evaluation, and Termination 內部稽核主管- 任用、績效評核、及解任
​2010-04 Auditing Executive Compensation and Benefits 稽核經營階層薪酬及福利
​2010-02 Evaluating Corporate Social Responsibility/Sustainable Development 評估企業社會責任/永續發展
2009-12 Internal Auditing and Fraud 內部稽核與舞弊
​2009-05 Auditing External Business Relationships 稽核外部企業關係
​2009-04 Formulating and Expressing Internal Audit Opinions 形成和表示內部稽核意見

Practice Guides — Financial Services(實務指引— 金融服務)


發布日期 原文 譯文下載
2018-05 NEW!Auditing Capital Adequacy and Stress Testing for Banks 銀行資本適足與壓力測試之稽核
2018-03 NEW! Auditing Model Risk Management 稽核模型風險管理
​2017-12 NEW! Auditing Liquidity Risk: An Overview 稽核流動性風險-概述

Practice Guides — Public Sector(實務指引— 公部門)


發布日期 原文 譯文下載
2018-04 NEW!Auditing Grants in the Public Sector 公部門補助款之稽核
​2015-02 NEW! Creating an Internal Audit Competency Process for the Public Sector 創建公部門內部稽核專業能力過程
​2014-10 NEW! Assessing Organizational Governance in the Public Sector​ 評估公部門機構治理

Practice Guides — GTAG®(實務指引— 全球科技稽核指引)


發布日期 原文 譯文下載
2018-01 UPDATED!
Auditing IT Governance
(Previously GTAG 17)
2017-05 Understanding and Auditing Big Data 大數據之認識與稽核
2016-09 Assessing Cybersecurity Risk: Roles of the Three Lines of Defense 評估網路安全風險:三道防線角色
2016-08 Auditing Smart Devices: An Internal Auditor's Guide to Understanding and Auditing Smart Devices


2013-01 Management of IT Auditing, 2nd Edition
(Previously GTAG 4)
2012-06 Information Technology Outsourcing, 2nd Edition
(Previously GTAG 7)
2012-03 Change and Patch Management Controls: Critical for Organizational Success, 2nd Edition
(Previously GTAG 2)
2012-03 Information Technology Risk and Controls, 2nd Edition
(Previously GTAG 1)
2011-08 Data Analysis Technologies
(Previously GTAG 16)
2010-06 Information Security Governance
(Previously GTAG 15)
2010-06 Auditing User-developed Applications
(Previously GTAG 14)
2009-12 Fraud Prevention and Detection in an Automated World
(Previously GTAG 13)
2009​-03 Auditing IT Projects
(Previously GTAG 12)
2009-01 Auditing Application Controls
(Previously GTAG 8)
2009​-01 Business Continuity Management
(Previously GTAG 10)
2009-01 Continuous Auditing: Coordinating Continuous Auditing and Monitoring to Provide Continuous Assurance, 2nd Edition
(Previously GTAG 3)
2009-01 Developing the IT Audit Plan
(Previously GTAG 11)
2009-01 Identity and Access Management
(Previously GTAG 9)

Practice Guides — GAIT(實務指引—資訊科技風險評估指引)


發布日期 原文 譯文下載
2009-01​ GAIT Methodology​ 資訊科技控制評估之指引(GAIT方法)
2009-01​​​ GAIT for IT General Control Deficiency Assessment 資訊科技一般控制缺失評估之方法
2009-01 GAIT for Business and IT Risk 企業及資訊科技風險評估指引

Case Studies of Using GAIT for Business and IT Risk to Scope PCI Compliance
Following the GAIT-R principles and methodology, this paper provides two case studies of applying GAIT-R to PCI compliance.​

Other Supplemental Guidance(其它補充指引)


發布日期 原文 譯文下載
2017-03 ​Model Internal Audit Activity Charter 內部稽核單位規程範本
2016-08 Applying The IIA’s International Professional Practices Framework as a Professional Services Firm 當專業服務機構適用IIA國際專業實務架構