Useful links
keep your knowledge up to dateOn this page you will find links to relevant organisations and materials to help advance your knowledge and keep you up to date.
PROFESSIONAL BODIES
British Computer Society: The UK based Chartered Institute that promotes and champions the IT profession.
Institute of Risk Management: The Leading UK body for Risk Management.
IIA Inc: The Global organisation representing Institutes of Internal Auditing worldwide and the International Professional Practice Framework leading to Standards and Guidance from IIA Global.
IIA Australia: What’s going on in Internal Auditing down-under.
The Information Commissioner’s Office: Data protection and personal data matters – the UK’s independent authority set up to uphold information rights in the public interest.
The Chartered Institute of Public Finance and Accountancy: Public Services Sector Financial Management in the UK.
The Information Systems Audit and Control Association (ISACA): Independent not-for-profit organisation, home of CISA, CISM, CGEIT, and CRISC qualifications.
The Information Systems Security Association: A not-for-profit, international organisation of information security professionals and practitioners.
Chartered Governance Institute UK & Ireland: Global voice on governance and compliance issues in the private, public and not-for-profit sectors.
The Association for Project Management: The voice of Project Management with 21,000+ members making it the largest project professionals body in Europe.
The Association for Certified Fraud Examiners: The global organisation representing anti-fraud professionals.
LEGISLATION – UK
UK Legislation: Search UK legislation within the National Archives.
Computer Misuse Act 1990: Computer abuse, intrusion and unauthorised access to computer data and systems.
Consumer Protection (Distance Selling) Regulations 2000: Online ordering and purchases made from home.
Data Protection Act Audit Guide: A Guide to Data Protection Audits performed by staff of the of the Information Commissioner’s Office.
Electronic Communications Act 2000: Cryptography and the facilitation of electronic commerce using of digital signatures.
GOVERNANCE AND RISK MANAGEMENT
UK Corporate Governance Codes: Governance codes, standards and reports via the ICAEW.
OECD – Organisation for Economic Cooperation and Development: International Corporate Governance issues.
The Committee of Sponsoring Organisations of the Treadway Commission (COSO): Organisation dedicated to improving the quality of financial reporting through ethics, effective internal controls, and corporate governance.
FERMA – the Federation of European Risk Management Associations: The Federation of European Risk Management Associations (FERMA) exists to lead and enhance the effective practice of risk management, risk financing and insurance.
ISO – Standards – ISO 31000: This link takes you to the International Standard for Risk Management and related standards.
STANDARDS PROVIDERS
International Organization for Standardization (ISO): Important ISO standards include: ISO 9000 (Quality); ISO 14000 (Environment); ISO 27000 (Information Security); ISO 38500 (IT Corporate Governance) and ISO 31000 (Risk Management).
BSI – the BrItish Standards Institute: The UK body that helps formulate Business Standards.
IEEE Standards: Responsible for many IT Network standards.
AUDIT RESOURCES – RISK MANAGEMENT – SPREADSHEETS – IT
EuSpRIG: The global group that specialises in processes and methods to inventory, test, correct, document, backup, archive, compare and control the legions of spreadsheets that support critical corporate infrastructure.
Phishing Scams: Site listing current examples of phishing scams.
Federation against Software Theft: The group that promotes compliance with the law on software copyright and the prevention of software piracy.
US CISA/CERT: United States Cybersecurity & Infrastructure Security Agency providing up to date news and advice about computer software vulnerabilities.
Computer Security Resource Centre (CSRC): A Division of the National Institute of Science and Technology – a useful resource for current news on cybersecurity, security standards and security debate.