Useful links

keep your knowledge up to date
Home » Resources » Useful links

On this page you will find links to relevant organisations and materials to help advance your knowledge and keep you up to date.

PROFESSIONAL BODIES

British Computer Society: The UK based Chartered Institute that promotes and champions the IT profession.

Institute of Risk Management: The Leading UK body for Risk Management.

IIA Inc: The Global organisation representing Institutes of Internal Auditing worldwide and the International Professional Practice Framework leading to Standards and Guidance from IIA Global.

IIA Australia: What’s going on in Internal Auditing down-under.

The Information Commissioner’s Office: Data protection and personal data matters –  the UK’s independent authority set up to uphold information rights in the public interest.

The Chartered Institute of Public Finance and Accountancy: Public Services Sector Financial Management in the UK.

The Information Systems Audit and Control Association (ISACA): Independent not-for-profit organisation, home of CISA, CISM, CGEIT, and CRISC qualifications.

The Information Systems Security Association: A not-for-profit, international organisation of information security professionals and practitioners.

Chartered Governance Institute UK & Ireland: Global voice on governance and compliance issues in the private, public and not-for-profit sectors.

The Association for Project Management: The voice of Project Management with 21,000+ members making it the largest project professionals body in Europe.

The Association for Certified Fraud Examiners: The global organisation representing anti-fraud professionals.

LEGISLATION – UK

UK Legislation:  Search UK legislation within the National Archives.

Computer Misuse Act 1990Computer abuse, intrusion and unauthorised access to computer data and systems.

Consumer Protection (Distance Selling) Regulations 2000: Online ordering and purchases made from home.

Data Protection Act Audit Guide: A Guide to Data Protection Audits performed by staff of the of the Information Commissioner’s Office.

Electronic Communications Act 2000: Cryptography and the facilitation of electronic commerce using of digital signatures.

GOVERNANCE AND RISK MANAGEMENT

UK Corporate Governance Codes: Governance codes, standards and reports via the ICAEW.

OECD – Organisation for Economic Cooperation and Development: International Corporate Governance issues.

The Committee of Sponsoring Organisations of the Treadway Commission (COSO): Organisation dedicated to improving the quality of financial reporting through ethics, effective internal controls, and corporate governance.

FERMA – the Federation of European Risk Management Associations: The Federation of European Risk Management Associations (FERMA) exists to lead and enhance the effective practice of risk management, risk financing and insurance.

ISO – Standards – ISO 31000: This link takes you to the International Standard for Risk Management and related standards.

STANDARDS PROVIDERS

International Organization for Standardization (ISO): Important ISO standards include: ISO 9000 (Quality); ISO 14000 (Environment); ISO 27000 (Information Security); ISO 38500 (IT Corporate Governance) and ISO 31000 (Risk Management).

BSI – the BrItish Standards Institute: The UK body that helps formulate Business Standards.

IEEE Standards: Responsible for many IT Network standards.

AUDIT RESOURCES – RISK MANAGEMENT – SPREADSHEETS – IT

EuSpRIG: The global group that specialises in processes and methods to inventory, test, correct, document, backup, archive, compare and control the legions of spreadsheets that support critical corporate infrastructure.

Phishing Scams: Site listing current examples of phishing scams.

Federation against Software Theft: The group that promotes compliance with the law on software copyright and the prevention of software piracy.

US CISA/CERT: United States Cybersecurity & Infrastructure Security Agency providing up to date news and advice about computer software vulnerabilities.

Computer Security Resource Centre (CSRC): A Division of the National Institute of Science and Technology – a useful resource for current news on cybersecurity, security standards and security debate.