|ISACA/ITGI Research Publications
- COBIT and Application Controls: A management Guide
This guide helps business executives, business
management, and IT management, as well as IT developers and implementers,
internal and external auditors and other professionals manage and provide
assurance regarding application controls.
- COBIT Security Baseline: An Information Security Survival Kit, 2nd Edition
This guide, based on COBIT 4.1, consists of a comprehensive set of resources that contains the information organizations need to adopt an IT governance and control framework. COBIT covers security in addition to all the other risks that can occur with the use of IT. COBIT Security Baseline focuses on the specific risk of IT security in a way that is simple to follow and implement for the home user or the user in small to medium enterprises, as well as executives and board members of larger organizations.
- COBIT 4.1
This newest version of ISACA’s world-renowned IT governance and control framework offers incremental changes to version 4.0, presenting a streamlined, pragmatic and business-focused approach to implementing IT governance enterprisewide.
- IT Control Objectives for Sarbanes-Oxley 2nd Edition
ITGI has released an updated edition of its well-received publication, IT Control Objectives for Sarbanes-Oxley. The first edition, published in 2004, has been downloaded more than 250,000 times. Companies around the world have used it as a tool for evaluating IT controls in support of Sarbanes-Oxley compliance. Experts from many organizations, including the top 10 accounting and professional firms, provided input and direction for the update. Now available in Japanese and Italian.
- COBIT Quickstart
This is an abbreviated version of COBIT designed for small to medium enterprises, or those organizations in which IT is not strategically critical to enterprise success. Available from the ISACA Bookstore.
- IT Assurance Framework
Issued by ITGI’s affiliate, ISACA, ITAF is a comprehensive and good-practice-setting model that provides guidance on the design, conduct and reporting of IT audit and assurance assignments; defines terms and concepts specific to IT assurance; and establishes standards that address IT audit and assurance professional roles and responsibilities, knowledge and skills, and diligence, conduct and reporting requirements.