Audit Guide for the Evaluation of Information Technology Security and Risk Management Controls in California State Agencies
Advanced Technology Program (ATP) Audit Guidelines are provided by the Office of Inspector General, U.S. Department of Commerce. The ATP is a cost-sharing program between government and industry to pursue high-risk, enabling technologies with significant commercial and economic potential.
Audit Guide 2000 from the California Department of Education sets forth the requirements and background information for the auditor of child development, child and adult care food programs, national school lunch program, school breakfast program, summer food program, donated food commodity program, and adult basic education program administered by private and public agencies. This guide also summarizes and references all audit manuals, hand books and audit guides of the CDD, NSD, AEU and County Welfare Departments.
Audit Guide For Audit Committees of Small Non-Profit Organizations from the Virginia Society of CPAs provides assistance for the audit committees of small NPOs to perform a limited review of their organizations' financial statements.
Audit Guidance Web site from the Defense Contract Audit Agency provides various manuals and guides for government contract auditors.
Audit Manual from the City of Tampa Internal Audit Department.
Audit Manual from the UT Systems Audit Office includes details on organizational structure, office policies and procedures and sample documents.
Audit Process Handbook The DHHS OIG Audit Process Handbook in pdf format was developed to give auditors tools to conduct audits and prepare reports. It lays out a systematic approach designed to keep the audit focused, involve all team members throughout the process and facilitate report preparation.
Audit Programs from the UT Systems Audit Office includes programs and questionnaires for Internal Controls, information technology, payroll and more.
Audit Program Guides from the City of Tampa's Internal Audit Department are available in Adobe Acrobat pdf format. The audit guides cover many functional and program areas of local governments such as fixed assets, inventory, cashiering and more. Local government auditors should bookmark this site for future reference.
The Audit Report Writing Guide from the Public Service Commission of Canada provides guidelines for the design, style and content of the reports they publish. This document is an excellent resource for audit organizations developing their own guide.
Audit Techniques Guide I.R.S. market segment specialization program provides audit guides uses by examiners for 11 different industries. Good reference material for auditors reviewing, air charters, architects, tobacco industry and more.
Auditing the Human Resources Function Audit program provided by a Human Resource Consulting Firm outlines the basic approach as well as information that should be included to cover a regulatory compliance review.
Benchmarking Human Resources is a navigation guide from the Western Australia State Government. This discussion paper provides an overview of HR benchmarking and strategies for identifying meaningful HR performance indices.
Best Practices Procurement Manual Federal Transit Administration provides recipients of Federal Transit Administration (FTA) funds suggested procedures, methods, and examples for conducting third party procurements to assist them in meeting FTA standards.
Better Practice Guides from the Australian National Audit Office are reports on specific areas of interest to auditors along with best practice information. Includes guides for selecting suppliers, travel, effective control, performance information and more. (look in the Publications section)
Building and Auditing a Trusted Network Environment with Netware 4.x Online Guide from Novell includes a security overview, security basics, and audit guidelines for Novell networks using Netware 4.x.
Business Tools Web site from CCH that provides a comprehensive list of ready-to-use templates, checklists and model business documents. You never know when one of these documents may come in handy!
Check Fraud: A Guide to Avoiding Losses Office of the Comptroller of the Currency provides guidance on a major organizational issue. Guide sections include check fraud schemes, prevention measures (internal controls, training, check cashing guidelines) and more.
Computer Control and Audit Guide prepared by Professor J. Efrim Boritz, a recognized accounting scholar, is an overview and reference source pertaining to computer control and audit issues with which an accountant or financial manager should be familiar. This guide can be used as a text in a course or for self-study. This guide is organized into three logically related parts as follows: risks and exposures in computer-based information systems; computer controls, objectives, standards, and techniques; and computer auditing issues.
Construction Cost Management Guide from the California Board of Corrections provides guidance on controlling costs and project planning for construction projects.
Conference Audit Guide provides information and guidance for performing audits of conferences, symposiums and workshops.
Contract Administration and Audit Guide From the California Board of Corrections provides guidance for construction grants.
Control and Monitoring is an online text on the subject from an accounting perspective.
Corporate Credit Card Best Practice Guide from the Australian Government provides a policy, controls over card issues, operational controls and more.
Cost Estimating Handbook is an excellent resource tool for auditors and accountants. The Handbook provides statistical techniques and development guidelines for cost estimation, acceptance criteria for cost estimation, guidelines for auditing and analyzing a cost estimation relationship, elements of good estimating practice and more.
Cost Principles - Procedures for Developing Cost Allocation Plans is an implementation guide for OMB Circular A-87.
Curtin Control Assessment is a management tool utilized at the university enabling managers to informally assess their control processes.
Customer Service Audit Guide from the Treasury Board of Canada provides information for conducting a review in this area.
Data Collection and Analysis Site Web site from Deakin University in Australia provides a comprehensive guide on the scientific process of collecting and analyzing data. Particularly useful chapters for auditors on surveys, sampling and techniques.
Decision Support Solutions Audit Program from Leveraged Solutions provides a high level audit work program of a DSS installation.
EDI Implementation Guide from the Australian Government provides control audit and security issues, implementation plans, standards and more.
Effective Control Guide from the Australian National Audit Office covers the control issues and provides a control framework for a government organization.
Environmental Audit Guide from Consulting and Audit Canada provides information for reviews in this subject.
Environmental Auditing Program provides information from the Minnesota Pollution Control Agency including audit checklists for above ground tanks, underground tanks, spills and more.
Environmental Finance Financial Tools Guidebook EPA reference guidebook of more than 250 tools for financing environmental programs. Great reference tool for auditors reviewing environmental programs and their respective financing.
Ethical Business Guide Web site with links and material covering non-financial benchmarks of institutional/corporate activity: including social and environmental impacts and anti-corruption measures.
Facilitation Skills Course from the DoD Electronic College of Process Innovation is a complete workshop on the topic. Excellent resource for auditors implementing a CSA approach in their organization.
FDIC Bank Examination Manual The table of contents of this Federal Deposit Insurance Corporation Compliance manual links the auditor with files in Adobe Acrobat format. This could be a useful resource for bank auditors.
FDIC Information Systems Handbook This is the Interagency guide for regulatory examiners for examining information systems operations in financial institutions and service bureaus. The Handbook includes an overview of IS concepts, practices, IS controls, and sample audit programs. This is a valuable resource for IS auditors. The files are in Adobe Acrobat format.
Financial Management Reference Guide provides an example of an accounting financial management guide for libraries.
Framework for Internal Control Systems in Banking Organisations from the Bank for International Settlements is available for download from their Web site.
Full Cost Initiative Implementation Guide developed by NASA provides a comprehensive accounting and management approach to costing services.
GAO Federal Information Systems Control Audit Manual from GAO provides guidelines for auditing information systems.
GAO General Policies/Procedures and Communications Manual provides guidance on their methodologies including sampling, workpapers, reporting and more.
Guide to Cost Based Decision Making from the Texas State Auditor's Office, is designed to assist management in developing more comprehensive cost accounting information to enhance the ability of decisionmakers to identify, analyze, and control the causes of costs, as well as establish links between cost information and program efficiency and effectiveness.
Guide to Minimizing Computer Theft provides information on methods to safeguard computer assets.
Guide to Performance Measurement from the Foundation for Performance Measurement provides non-financial indicators.
Handbook for Audit Committee Members Good reference from Grant Thornton, for auditors that need to provide guidance to the Audit Committee. Includes sections on reviewing internal controls and working with internal auditors.
Handbook on Fraud Indicators for Contract Auditors is the DoD Inspector General guide on contract fraud.
Hiring Policies and Procedures Check Lists University of Wisconsin Platteville provides guidelines for recruiting, interviewing, and testing and selection practices.
Hiring Policies and Procedures Manual University of Wisconsin Platteville provides a good example of guidelines for a human resources department.
H.U.D. Audit Guides provides a link to their consolidated audit guide.
Human Resource Management Self-Assessment Guide from the Texas State Auditor's Office serves as a tool for evaluating areas to improve. Shows organizations how to address identified deficiencies in human resource management.
IFCI Risk Watch Guide to Regulation and Control of Financial Risk provides an Introduction to Risk, Key Risk Concepts, a Risk Library and Glossary. The site also provides an overview of the 13 key risk concepts.
Information Systems Best Practice Guidelines from the Australian Queensland Audit Office provides general control areas.
Internal Audit Manual is the DoD IG Internal Audit Manual.
Internal Control State University of New York at Brockport provides information about their program. The site includes a definition, human resource internal controls, general and specific standards and more.
Internal Controls Commonwealth of Massachusetts provides information describing what they are as well as an Internal Control Guide for Departments.
Internal Control and Financial Management Manual Connecticut's Accountability Directive issued jointly by the Office of the State Comptroller, Office of Policy and Administration and the Auditor of Public Accounts.
Internal Control Guide draft from the ICAEW provides internal control guidance for directors of listed companies incorporated in the United Kingdom.
Internal Control Guide developed by Johns Hopkins University. The Guide focuses on the policies and procedures of the University but could easily be adapted to other organizations.
Internal Control Guide Massachusett's Comptroller General guide for state departments. Straight-forward format that could be adopted by other auditors in recommendations.
Internal Review Guide from the U.S. Army provides details of the process used in conducting audits of their operations. Excellent example of a comprehensive audit program targeted toward meeting customer needs.
Internal Peer Review Guide is an electronic guide for internal quality control used to assess conformance to Government Auditing Standards and Office of Audit directives.
Internet Administration Policy Guide provides an executive overview on the subject and includes an acceptable usage policy template.
Internet Learning Materials for MBA Students Web guide from BizEd focused on MBA studies. Sections provide links and research tips for accounting and finance, business economics, human resource management, marketing, strategy, and operations management.
Internet Security Policy Guide NIST Special Publication series is designed to assist organizations create an Internet-specific information security policy.
Intranet Application Security Checklist lists threats and possible mechanisms an information security administrator can use for checks and balances.
Kelley Blue Book provides vehicle values for new and used cars and motorcycles. Good industry standard resource for auditors looking at inventory valuation guidelines for fleet vehicles.
Knowledge Base is an online textbook for an introductory course in research methods. Auditors conducting any sort of online research will find this a useful site.
Licensing and Software Management Guide provides an effective system for software acquisition, distribution/use, copyright law and more. Includes sections on software audits, audit tools, audit resources, preparing for an audit, initial analysis, conducting and reporting.
Local Church Audit Guide prepared by the United Methodist Church provides guidance for church audits.
Managing Derivatives Risk-Guidelines for end-users These Guidelines were developed by members of the Derivatives Working Party of the Futures and Options Association. The Guidelines comprise six core principles for managing derivatives risk, including suggestions as to practical steps to be taken in implementing them. Free registration on this site is required in order to access he risk guidelines. This is an excellent resource for those auditors reviewing derivative investments.
Michigan School Auditing Manual provides guidance on financial audits to school districts and their CPA's.
Micro-Computer Security Checklist Web site from the North Carolina State University Internal Audit department provides a guide for department managers.
Network Risk Assessment Users Manual is available in either Word or WordPerfect format from the NIH Information Systems Security page.
Performance Management Guide Excellent publication from the UC San Diego on managing employee performance. Auditors reviewing the human resource department for their organization can use this guide as a model for setting up an employee performance management system.
Performance Management System Audit Guide Australian Queensland Audit Office provides an audit approach, methodology, audit considerations, criteria and more.
Performance Measurement Guide Texas State Auditor's Office provides information about setting up a performance measurement system and detail on how agencies can establish adequate internal controls in measurement systems in order to assist them in reporting accurate information.
Practical Guide to Corruption Prevention Prepared by the Independent Commission Against Corruption is an excellent resource for developing a fraud and corruption program within organizations. Modules include risk assessment, ethics, cash handling, purchasing and more.
Procurement Policies and Procedures Handbook Commonwealth of Massachusetts includes best value guidelines, role of procurement for managers, contract categories and more. This is a good reference document for auditors reviewing and comparing best practices.
Pupil Accounting Manual from the Michigan Department of Education provides guidance on pupil membership requirements and count procedures.
Pupil Auditing Manual from the Michigan Department of Education provides guidance to ISD auditors on pupil auditing standards.
Repeat Offender Prevention Program Audit Guide provides procedures for audits of county programs in California.
Risk Management Audit Guide Treasury Board of Canada provides review guidance for auditors including risk identification, compensation, volunteers and more.
Risk Standards for Institutional Investment Managers Web site from an industry working group containing guidelines which institutional investors and institutional investment managers may use when planning their own risk measurement and risk management practices. The Risk Standards are grouped into three categories: Management, Measurement and Oversight. Excellent resource for auditors reviewing investment risk within organizations.
Sales System Control Objectives University of Manitoba provides system implementation control objectives for this functional area.
Sampling and Surveying Handbook Air University provides guidelines for planning, organizing and conducting surveys. The site includes guidance on selecting a sample size with a corresponding free program available for download.
Security Policies provided by the SANS Institute include templates for computer usage guidelines, acceptable use statements, special access policy, incident handling and more.
Sick Leave Management Audit Guide Treasury Board of Canada provides guidance for reviews in this area. Sections include a model for sick leave management, planning and performing the audit, and more.
Social Security Death Index Freely accessible database of the Social Security Administration records of deceased individuals. Handy tool for audits of organization retirees.
Software Management Policy Manual State of Connecticut provides their policy statements, agency resposibilities, and software use policies. This excellent resource is a model for combating organizational software piracy.
Span of Control Calculator Web site that provides a simple formula for determining the size of an organization based on the span of control and the hierarchical levels of management.
Spreadsheet Research is a repository for research on spreadsheet development, testing, use, and technology. Sections include reports of errors in practice, audits, development and audit experiments, questionnaire and interview studies, the Year 2000 spreadsheet problem and more.
Subrecipient Audit Guide The purpose of this manual is to implement the City of Philadelphia's audit requirements for organizations and their independent auditors in preparing for and performing audits of organizations that receive financial assistance awards from the City.
System Implementation Review Checklist from the University of Manitoba provides a comprehensive approach for a review of this area.
Training Function Audit Guide from the Treasury Board of Canada provides information for reviews in the staff training area.
Transportation Consultants Audit and Accounting Guide from the American Association of State Highway and Transportation Officials.
U.S. Army Financial Analysis Package provides applications for Future Values, Current Values, Return on Investment, Inventory Models, Learning Curves, Break Even Analysis, and Lease versus Purchase Analysis.
U.S. Army Internal Review Audit Guides
- Audit Guide for Mass Transportation Fringe Benefit Program for Outside the National Capital Region (NCR), June 29, 2001 (EXPLANATION)
- Audit of MWR Utilization, Support and Accountability (USA) Funding Practice also in MS Word, and PDF formats
- Audit of Travel Card Delinquencies in MS Word and PDF formats
- Automated Information Systems, Year 2000, Audit Program also in MS Word and PDF formats
- Government Purchase Card Program, Audit Program also in MS Word and PDF formats
- Government Travel Charge Card Program, Audit Program also in MS Word and PDF formats
- Morale, Welfare & Recreation Activities also in MS Word and PDF formats
- Review of Telephone Costs and Services, in MS Word and PDF formats
U.S. Army Statistical Sampling Program is an application developed and used by the Army. Auditors may download and use this audit program to help in statistical sampling.
U.S.D.A. Audit Guide for Audits of Child and Adult Care Food Program Institutions.
Users Guide for the Uniform Bank Performance Report Guide from the Federal Financial Institutions Examination Council for an analytical tool created for bank supervisory, examination and management purposes.
Value for Money Audit Manual from the Office of the Auditor General of Canada provides standards, expected and common practices.
VassarStats Statistical Computation Web site provides a comprehensive collection of statistical calculators for many procedures along with examples of key concepts. There is also a table covering the platforms/browsers necessary to run some simulations.
Windows NT Security Guidelines from Trusted Systems Services provide guidelines for securely configuring the Windows NT operating system. The 110 page guidelines were the result of a 1-year project for the National Security Agency (NSA) Research Organization.
Worker's Compensation Fraud Manual The California Department of Insurance produced Fighting Worker's Compensation Fraud: A Training Series for the Industry. The manual is well organized and provides an overview of the problem, definition of terms, depositions, guidelines for subpoenaing records, premium fraud, legal obligations and more.
Year 2000 Audit Program is available from the Edith Cowan University Web site. The model covers the issues, control weaknesses and exposures, recommendations and key controls.
Year 2000 Business Continuity Plan is a comprehensive template from the State of Massachusetts that will help auditors address key issues.
Year 2000 Contingency Plan is a template from the State of Massachusetts for actions to be implemented in response to a Year 2000 hazard.
Year 2000 Problem Checklist from the CUNA Mutual Insurance Society provides a structured approach for dealing with the Year 2000 timebomb issue.