Useful links
If you find a broken link, please help us and others by sending us an email to let us know which link is broken. We check links regularly, but many of the links on this page are to external web sites and we have no control over changes made to them.
PROFESSIONAL BODIES
British Computer Society
Institute of Risk Management
IIA Inc
Parent body of IIA
International Professional Practice Framework
Practice advisories and guides from the IIA
IIA Australia
What's going on down-under
The Information Commissioner's Office
Data protection and personal data matters
The Chartered Institute of Public Finance and Accountancy
The Information Systems Audit and Control Association (ISACA)
The Information Systems Security Association
A not-for-profit, international organisation of information security professionals and practitioners
Institute of Chartered Secretaries and Administrators
Global voice on governance and regulatory issues in the private, public and not-for-profit sectors
The Association for Project Management
GOVERNANCE AND RISK MANAGEMENT – EUROPE
The Committee of Sponsoring Organisations of the Treadway Commission (COSO)
Organisation dedicated to improving the quality of financial reporting through ethics, effective internal controls, and corporate governance
European Corporate Governance Institute and Codes of Practice for all countries
OECD - Organisation for Economic Cooperation and Development
International Corporate Governance issues, including the OECD Guidelines on Corporate Governance of State-Owned Enterprises
UK Corporate Governance Codes and Reports
IT Governance Institute
Guidance on current and future issues pertaining to IT governance, control and assurance
Institute of Risk Management – Risk Management Standard
HM Treasury Audit Committee Handbook
Best practice in governance for audit committees reflecting the increasing significance of risk management.
AUDIT AND REPORTING
Financial Reporting Council
Links to Accounting Practices Board, Auditing Practices Board and others
Audit Commission - Code of Audit Practice 2005 - Local Government
Audit Commission - Code of Audit Practice 2005 - Local NHS bodies
THE ENTERPRISE
Review of Civil Procurement in Central Government
Gershon – Treasury Enterprise and Productivity
Serious Fraud Office
Details of high profile frauds
LEGISLATION – UK & EUROPE
Computer Misuse Act 1990
Computer abuse
Consumer Protection (Distance Selling) Regulations 2000
Convention for the Protection of Human Rights - Europe
Human Rights and the Council of Europe, read in conjunction with UK Human Rights Act
Copyright, Designs and Patents Act 1988
(Includes) Software protection
Data Protection Act 1998
Personal data and personal & sensitive data
Data Protection Act Audit Guide
Audit Guide from the Office of the Information Commissioner
Data Protection Act and Monitoring in the Workplace (pdf)
Electronic Communications Act 2000
Digital signatures
Data Protection in the European Union
Freedom of Information Act 2000
Health and Safety (Display Screen Equipment) Regulations 1992
Human Rights Act 1998
UK Human Rights Act
Acts of the UK Parliament
Index to all legislation by year
Mobile Telephones (re-programming) Act 2002
Changing identity of devices
Privacy and Electronic (EC Directive) Regulations 2003
Legislation that assists privacy in the field of telecommunications
Proceeds of Crime Act 2002
Seizure of assets
Regulation of Investigatory Powers Act 2000
Right to investigate, legality of electronic interception
Sustainable Energy Act 2003
Annual publication of development of sustainable energy and reduction of pollution
PRIVACY AT WORK AND AT HOME
Data Protection Act 1998
Personal data and personal & sensitive data
Data Protection Act and Monitoring in the Workplace (pdf)
Privacy and Electronic (EC Directive) Regulations 2003
OFCOM
The independent regulator for UK communications
Mail Preference Service
Block unwanted mail
Telephone Preference Service
Block unwanted telephone calls
FAX Preference Service
Block unwanted fax calls
STANDARDS AND GUIDANCE
International Organization for Standardization (ISO)
Internet Protocol Standards – RFCs
BSI Standards
ISO Standards
IEEE Standards
Including LANs and wireless networks
Example of House Style Guide
BBC News style guide
PROJECTS AND SERVICES
Automated Requirement Measurement (ARM) Tool
Software to determine whether a specification is clear and unambiguous
ITIL Self Assessment Spreadsheets
Best practice: IT Service Delivery / IT Service Support (Excel Spreadsheets)
Office of Government Commerce
ITIL, Prince2, Programme Management and more ...
Prince2 Templates – Documentation for Project Management
(zip archive: MS Word Format)
Change management - tools and strategies that assist change
Project Management Glossary
A glossary of project management terms from the Association for Project Management
AUDIT RESOURCES
David Griffiths' website
With substantial Risk Based Internal Auditing resources and links
EuSpRIG
Spreadsheet errors? Try a group promoting research in spreadsheet risk
IT SECURITY RESOURCES
The Business Model for Information Security
Based on the white paper “Systemic Security Management,” developed by the USC Marshall School of Business Institute for Critical Information Infrastructure Protection, this guide defines the core concepts that business unit managers can use to align security program activities with goals and priorities.
Phishing Scams
Site listing current examples of phishing scams
Federation against Software Theft
Compliance with the law on software piracy
Computer Emergency Response Team (CERT)
Centre of Internet security expertise
US CERT
United States Computer Emergency Response Team
Computer Security Resource Centre (CSRC)
A National Institute of Science and Technology (NIST) website
Internet Storm Centre
Gathers more than 3,000,000 intrusion detection log entries every day, isolates sites that are used for attacks, and provides authoritative data on the types of attacks that are being mounted against computers in various industries and regions around the globe
Security Focus
Vulnerability reporting