The Institute of Internal Auditors (IIA) has back-to-basics articles for new auditors (and like Dummies books, the topics can be a reference for the rest of us). Even security pros might want to read a few of these to better understand their auditors, or how those auditors should be doing their jobs.
The topics are as follows (no special order):
- Planning for Success
- Effective Kickoff Meetings
- Attribute Sampling Plans
- Producing Quality Workpapers
- Follow-up Engagements
- Effective Internal Audit Reports
- Documenting Internal Controls
- Understanding Procurement Activities
1/20/15 I had a longer list originally, but the IIA took some of those articles offline, so I removed them from the list. I revised all the above links.
While you’re at it, consider reading these previous posts of mine:
Audit and IT Audit for Dummies
ITauditSecurity 
Pingback: What IT Auditors Ought to Know – and Don’t! | ITauditSecurity
Pingback: New IT Auditors Should Start Here | ITauditSecurity
Pingback: Use LinkedIn to get an IT Audit job | ITauditSecurity
Pingback: New IT Auditor (and WannaBEs) Master List | ITauditSecurity