Practice Guides — General(實務指引— 一般)



發布日期      原文 譯文下載
2022-11 NEW! Integrated Approaches to Internal Auditing  
2022-05 NEW! Internal Audit and Fraud, 2nd Edition  

Auditing Anti-corruption Activities

2020-05 Developing a Risk-based Internal Audit Plan 制定以風險為基礎的內部稽核計畫
2019-11 Auditing Culture 稽核文化
2019-08 Demonstrating the Core Principles for the Professional Practice of Internal Auditing 展現內部稽核專業實務核心原則

Assessing the Risk Management Process


Auditing Third-party Risk Management

2018​-02 ​​Coordination and Reliance: Developing an Assurance Map 協調及依賴-建置確認性地圖
2017​-10 Engagement Planning: Assessing Fraud Risks 專案規劃-評估舞弊風險
2017​-08 Engagement Planning: Establishing Objectives and Scope 專案規劃-設定目的與範圍
​2016-10 Audit Reports: Communicating Assurance Results 稽核報告-確認性專案結果之溝通
​2016-01 Internal Audit and the Second Line of Defense​ 內部稽核與第二道防線
​2015-12 Talent Management 才能管理
​2014-08 Business Continuity Management 業務持續管理
​2014-06 Auditing Anti-bribery and Anti-corruption Programs​ 反賄賂與反貪腐稽核專案
​2012-07 Auditing Privacy Risks, 2nd Edition
(replaces GTAG 5)
2012​-07 Integrated Auditing 整合性稽核
​2012-07 Selecting, Using, and Creating Maturity Models: A Tool for Assurance and Consulting Engagements 選擇、使用和建置成熟模型:確認性和諮詢專案的工具
2012-07 Assessing Organizational Governance in the Private Sector 評估私部門的機構治理
​2012-07 ​Developing the Internal Audit Strategic Plan 發展內部稽核的策略計畫
​2012-06 Evaluating Ethics-related Programs and Activities 評估與倫理有關之計畫與活動
​2012-03 Coordinating Risk Management and Assurance​ 協調風險管理與確認
​2012-03 Quality Assurance and Improvement Program 品質保證與改善計畫
​2011-12 Reliance by Internal Audit on Other Assurance Providers 內部稽核對其他確認性服務提供者之依賴
​2011-10 Independence and Objectivity 獨立性與客觀性
2011-08 Interaction with the Board 與董事會互動
​2011-04 Auditing the Control Environment 控制環境稽核
​2011-04 Assisting Small Internal Audit Activities in Implementing the International Standards for the Professional Practice of Internal Auditing 協助小型內部稽核單位履行國際內部稽核執業準則
​2010-12 Measuring Internal Audit Effectiveness and Efficiency 衡量內部稽核的效果與效率
2010-12 Assessing the Adequacy of Risk Management Using ISO 31000 應用ISO 31000 評估風險管理的適足性
2010-05 Chief Audit Executives — Appointment, Performance, Evaluation, and Termination 內部稽核主管- 任用、績效評核、及解任
​2010-04 Auditing Executive Compensation and Benefits 稽核經營階層薪酬及福利
​2010-02 Evaluating Corporate Social Responsibility/Sustainable Development​ 評估企業社會責任/永續發展
2009-12 Internal Auditing and Fraud 內部稽核與舞弊
​2009-05 Auditing External Business Relationships​ 稽核外部企業關係
​2009-04 Formulating and Expressing Internal Audit Opinions 形成和表示內部稽核意見

Practice Guides — Financial Services(實務指引— 金融服務)


發布日期 原文 譯文下載
2022-08 NEW! Auditing Liquidity Risk Management for Banks, 2nd Edition 稽核銀行流動性風險管理(第二版)
2022-06 NEW! Auditing Capital Adequacy and Stress Testing for Banks, 2nd Edition 稽核銀行業之資本適足及壓力測試(第二版)
2020-12 Auditing Market Risk in Financial Institutions  
2020-06 Auditing Conduct Risk  
2020-03 Auditing Credit Risk Management  
2019-08 Foundations of Internal Auditing in Financial Services Firms 金融業者內部稽核的基礎
2018-05 Auditing Capital Adequacy and Stress Testing for Banks 銀行資本適足與壓力測試之稽核
2018-03 Auditing Model Risk Management 稽核模型風險管理
​2017-12 Auditing Liquidity Risk: An Overview 稽核流動性風險-概述

Practice Guides — Public Sector(實務指引— 公部門)


發布日期 原文 譯文下載
2022-08 NEW! Building an Effective Internal Audit Activity in the Public Sector 在公部門中建置一個有效的內部稽核單位
2021-11 Auditing Procurement in the Public Sector 公部門採購之稽核
2019-10 Unique Aspects of Internal Auditing in the Public Sector 公部門內部稽核之獨特面向
2018-04 Auditing Grants in the Public Sector 公部門補助款之稽核
​2015-02 Creating an Internal Audit Competency Process for the Public Sector 創建公部門內部稽核專業能力過程
​2014-10 Assessing Organizational Governance in the Public Sector​ 評估公部門機構治理

Practice Guides — GTAG®(實務指引— 全球科技稽核指引)


發布日期      原文 譯文下載
2023-01 NEW! Auditing Network and Communications Management  
2022-06 Auditing Cyber Incident Response and Recovery  
2022-05 NEW! Auditing Cybersecurity Operations: Prevention and Detection 稽核資通安全營運:預防與偵測
2022-01 Auditing Mobile Computing
2021-09 Auditing Business Applications ,2nd edition(Supersedes GTAGs 8 and 14) 業務應用程式之稽核
2021-06 Auditing Identity and Access Management, 2nd Edition 身分及存取管理之稽核

Assessing Cybersecurity Risk: The Three Lines Model

2020-06 IT Essentials for Internal Auditors​ 內部稽核人員之資訊科技基礎
2020-02 IT Change Management 資訊變更管理
2018-08 Auditing Insider Threat Programs 稽核內部威脅計畫
2018-01 Auditing IT Governance
(Previously GTAG 17)
2017-04 Understanding and Auditing Big Data 大數據之認識與稽核
2016-08 Auditing Smart Devices: An Internal Auditor's Guide to Understanding and Auditing Smart Devices(RETIRED)


2015-03 Continuous Auditing: Coordinating Continuous Auditing and Monitoring to Provide Continuous Assurance, 2nd Edition
(Previously GTAG 3)
2013-01 Management of IT Auditing, 2nd Edition
(Previously GTAG 4)
2012-06 Information Technology Outsourcing, 2nd Edition
(Previously GTAG 7)
2012-03 Change and Patch Management Controls: Critical for Organizational Success, 2nd Edition
(Previously GTAG 2)
2012-03 Information Technology Risk and Controls, 2nd Edition
(Previously GTAG 1)
2011-08 Data Analysis Technologies
(Previously GTAG 16)
2009-12 Fraud Prevention and Detection in an Automated World
(Previously GTAG 13)

Practice Guides — GAIT(實務指引—資訊科技風險評估指引)


發布日期 原文 譯文下載
2009-01​ GAIT Methodology​ 資訊科技控制評估之指引(GAIT方法)
2009-01​​​ GAIT for IT General Control Deficiency Assessment 資訊科技一般控制缺失評估之方法
2009-01 GAIT for Business and IT Risk 企業及資訊科技風險評估指引

Case Studies of Using GAIT for Business and IT Risk to Scope PCI Compliance
Following the GAIT-R principles and methodology, this paper provides two case studies of applying GAIT-R to PCI compliance.​

Other Supplemental Guidance(其它補充指引)

發布日期 原文 譯文下載
2017-03 Model Internal Audit Activity Charter 內部稽核單位規程範本
2016-08 Applying The IIA’s International Professional Practices Framework as a Professional Services Firm 當專業服務機構適用IIA國際專業實務架構


2020-10 Internal Audit Competency Framework      內部稽核能力架構