Norman’s Books

Over the years, I have written a number of books on internal audit, risk management, and other topics.

My latest (and also my first) is on the topic of SOX (see the separate tab). But here’s a list of my other books:

X

Internal Audit

• Auditing at the Speed of Risk with an Agile, Continuous Audit Plan
• Auditing that Matters
  • Auditing that Matters: Case Studies
  • Auditing that Matters: Case Studies Discussion Guide
• Is your Internal Audit World-Class? A Maturity Model for Internal Audit
• World-Class Internal Audit: Tales from my Journey

X

Risk Management

• Understanding the Business Risk that is Cyber: A guide for both business executives and InfoSec managers to bridge the gap
• Risk Management for Success
• Making Business Sense of Technology Risk
• Risk Management in Plain English: A Guide for Executives: Enabling Success through Intelligent and Informed Risk-Taking
• World-Class Risk Management
  • World-Class Risk Management for Nonprofits (with Melanie L. Herman)

X

Others

• Adventures in the Audit Trade (a novel)
• How Good is your GRC? Twelve Questions to Guide Executives, Boards, and Practitioners
• Meet My Mother, Mrs. Maisie Myra Marks (the biography of a remarkable lady who went from nothing to being the owner of a company who was awarded the MBE by the Queen).