Page 301 - ITGC_Audit Guides

Appendix H. References and Additional Reading







                   References

                   Buckley, Shannon. “IT Change Management,” Internal Auditor, September 1, 2011,
                       https://iaonline.theiia.org/it-change-management.
                   CISA Cyber+Infrastructure, Department of Homeland Security. Accessed January 20, 2020.
                       https://www.us-cert.gov/.

                   Committee of Sponsoring Organizations of the Treadway Commission, Enterprise Risk
                       Management – Integrating with Strategy and Performance.
                       https://www.coso.org/Pages/erm.aspx

                   National Vulnerability Database, NIST. Accessed January 20, 2020. https://nvd.nist.gov/.
                   U.S. House of Representatives Committee on Oversight and Government Reform. “The Equifax
                       Data Breach.” Majority Staff Report, 115th Congress. December 2018.
                       https://republicans-oversight.house.gov/wp-content/uploads/2018/12/Equifax-Report.pdf.

                   Additional Reading

                   Bonney, Bill, Gary Hayslip, and Matt Stamper. CISO Desk Reference: A Practical Guide for
                       CISOs. San Diego: CISO DRG, 2019.
                       https://bookstore.theiia.org/ciso-desk-reference-guide-a-practical-guide-for-cisos.
                   Buckley, Shannon. “Auditing the Incident and Problem Management Process.” Internal Auditor,
                       January 1, 2012.
                       https://iaonline.theiia.org/auditing-the-incident-and-problem-management-process.
                   Gibbs, Nelson, Divakar Jain, Amitesh Joshi, Surekha Muddamsetti, and Sarabjot Singh. A New
                       Auditor's Guide to Planning, Performing, and Presenting IT Audits. Altamonte Springs, FL:
                       The IIA Research Foundation, 2010.
                       https://bookstore.theiia.org/a-new-auditors-guide-to-planning-performing-and-presenting-it-audits.

                   Mahfuz, Abu Sayed. Software Quality Assurance: Integrating Testing, Security, and Audit. UK:
                       CRC Press: An Auerbach Book, 2016.
                       https://bookstore.theiia.org/software-quality-assurance-integrating-testing-security-and-audit.

                   Whittaker, Zack. “Equifax breach was ‘entirely preventable’ had it used basic security measures,
                       says House report,” TechCrunch.com, December 18, 2018,
                       https://techcrunch.com/2018/12/10/equifax-breach-preventable-house-oversight-report/.







