Audit Resources
- The Institute of Internal Auditors
- The Association of College and University Auditors
- The Association of Healthcare Internal Auditors
- The Information Systems Audit and Control Association
IT Security Resources
- SANS CIS Controls v8
The CIS Controls (formerly known as Critical Security Controls) are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks. SANS supports the CIS Controls with training, research, and certification. Details can be reviewed at: http://www.cisecurity.org/controls/v8. - OWASP Web Application Security Risks
The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. Details on the Ten most critical web application security risks can be reviewed at https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
Penn Resources
- Computing Policies and Guidelines
- HR Policies and Procedures
- Purchasing Card Audit Guidelines for Schools and Centers
- University Financial Policy Manual
- University Policies Home Page
This page links to many important Penn policies and compendia of policies in some of the many areas that affect Penn faculty, staff, students and the community overall.