IIA Issues Free Guides to Help Assess IT Risk

The Institute of Internal Auditors recently released its second and third guides to help managers and auditors assess information technology risk. The Guide for IT General Control Deficiency Assessments is designed to help users determine whether deficiencies qualify as significant deficiencies or material weaknesses. The Guide for Business and IT Risk can be used to identify controls which are critical in achieving business goals. A previous guide for methodology was designed to measure the scope of general information technology controls. The guides can be downloaded for free at

IIA Guide

.