Dear All,
I am a newcomer on the forum. I am studying the Information System, and I need to write an essay on IS risk, control, assurance and aduiting consulting, with citations to at least 4 textbooks, have anyone got any ideas??

Thanks

You may want to visit the ISACA website - Information Systems Audit and Control Association. You can find out if there is a chapter near you, and make contact with the officers.

http://www.isaca.org/

There may be a local chapter, and if you can go to one of their meetings as a student, you'll meet many IT auditors who will be willing to share experience, references and sources of information. They are a great group. Good luck on your studies.

www.theiia.org/itaudit provides hundreds of articies on IT security, risk, and audit.

http://www.ffiec.gov/ffiecinfobase/index.html is an information warehouse for the US banking regulators. There are several booklets on IT audit, information security, etc., as well as links to over a hundred regulatory issuances (OCC bulletins, FDIC's Financial Institution Letters, etc.)

http://www.sans.org/index.php. This is SANS' web site. Excerpt from their web site - "SANS is the most trusted and by far the largest source for information security training and certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - Internet Storm Center."

http://csrc.nist.gov/publications/nistpubs/index.html. This is NIST's (National Institute of Standards an Technology) web site. They have numerous detailed publications / standards on IT risk and security.

Feel free to email me at thoover@gnty.com if you need further references.

I am completing a self-study course on this book:

http://www.amazon.com/exec/obidos/tg/detail/-/0072229578/qid=1071846799/sr=1-1/ref=sr_1_1/104-3178423-4967109?v=glance&s=books

I highly recommend it.

I agree with all posters and I concur with Risk Officer that the sans.org website is of allmost unlimited resources and information pertaining to your research.

Good luck on your project!