References
- A Comparison of Internal Controls . COBIT, SAC, COSO and SAS 55/78, Colbert, Janet L., Ph.D, CPA, CIA, and Paul L. Bowen, Ph.D, CPA; [on-line]; Information Systems Control Journal available at http://www.isaca.org/bkr_cbt3.htm.
- American Institute of Certified Public Accounting . IT and the Audit, George H. Tucker, (online); available at http://www.aicpa.org/pubs/jofa/sept2001/tucker.htm.
- Carnegie Mellon University . Everything You Wanted to Know about Internal Auditing , (online); available at http://www.cmu.edu/internal_audit/Q&A.html#FUNCTION.
- COBIT 3RD Edition . 2002 . July (online); available at http://www.isaca.org/cobit.htm.
- Gallegos , Frederick and Carlin , Ann . 2003 . Best Practices in Due Professional Care: An IT Audit Perspective , June submitted to Auerbach, publication pending.
- Gallegos , Frederick , Manson , Daniel P. and Allen-Senft , Sandra . 1999 . Information Technology Control and Audit , Auerbach Publications .
- Information Systems Audit and Control Foundation, (online) . standards available from http://www.isaca.org/.
- Institute of Internal Auditors, (online) . standards available at http://www.theiia.org/iia/index.
- National Institute of Standards and Technology, Role Based Access Control . (online); available at http://csrc.nist.gov/publications/nistbul/csl95–12.txt.
- 2002 . National Strategy for the Physical Protection of Critical Infrastructures and Key Assets , http://www.whitehouse. gov/pcipb/physical.html.
- Proposed Rule: Disclosure Required by Sections 404 . 406 and 407 of the Sarbanes-Oxley Act of 2002, Securities and Exchange Commission,17 CFR PARTS 210, 228, 229, 240, 249, 270, and 274, Release Nos. 33–8138; 34–46701; IC-25775; File No. S7–40-02.
- RIN 3235-AI66 . 2002 . Disclosure Required by Sections 404, 406, and 407 of the Sarbanes-Oxley Act of, (online); available at http://www.sec.gov/rules/proposed/33–8138.htm.
- Sarbanes-Oxley . Web site: www.sarbanes-oxley.com.
- Sarbanes-Oxley Act (H.R. 6763) . Public Law 107–204, http://www.riahome.com/newlaw/fulltext.pdf.
- Singleton , Tommie . 2003 . The Ramifications of Sarbanes-Oxley . Information Systems Control Journal , 3 : 11 – 16 .
- The Securities Exchange Act of . 1934 . Section 15A Registered Securities Association . http://www.law.uc.edu/CCL/34Act/sec15A.html.
- 2002 . The National Strategy for Securing Cyberspace , http://www.whitehouse.gov/pcipb/.