has hundreds of informative articles on IT auditing, ranging in complexity from the new auditor to very technical issues.
Definitely check your regulators website and / or the FFIEC IT InfoBase mentioned by incandescent above. In addition to the IT booklets, there are probably a hundred or more IT related issuances (FILs, OCC Bulletins, etc.) from the various regulators.
IT is a deep and complex subject, even at a small bank. You might consider, at least for the first time around, bringing in an external IT auditor to help establish the audit program and transfer some knowledge to your auditor.