Author: Xenia Ley Parker
Publisher: CCH
ISBN: 9780808091844
Category : Business & Economics
Languages : en
Pages : 836

View

Book Description
This up-to-the-minute guide helps you become more proactive and meet the growing demand for integrated audit services in the 21st century. Wide-ranging in scope, Information Technology Audits offers expert analysis, practical tools, and real-world techniques designed to assist in preparing for and performing integrated IT audits. Written by a seasoned auditor with more than 22 years of IT audit experience, Information Technology Audits provides the first practical, hands-on look at how organizations use and control information to meet business objectives, and offers strategies to assess whether the company's controls adequately protect its information systems. Practice aids are available on a free companion CD-ROM.

Author: Angel R. Otero
Publisher: CRC Press
ISBN: 0429877323
Category : Computers
Languages : en
Pages : 514

View

Book Description
The new fifth edition of Information Technology Control and Audit has been significantly revised to include a comprehensive overview of the IT environment, including revolutionizing technologies, legislation, audit process, governance, strategy, and outsourcing, among others. This new edition also outlines common IT audit risks, procedures, and involvement associated with major IT audit areas. It further provides cases featuring practical IT audit scenarios, as well as sample documentation to design and perform actual IT audit work. Filled with up-to-date audit concepts, tools, techniques, and references for further reading, this revised edition promotes the mastery of concepts, as well as the effective implementation and assessment of IT controls by organizations and auditors. For instructors and lecturers there are an instructor’s manual, sample syllabi and course schedules, PowerPoint lecture slides, and test questions. For students there are flashcards to test their knowledge of key terms and recommended further readings. Go to http://routledgetextbooks.com/textbooks/9781498752282/ for more information.

Author: Frederick Gallegos
Publisher: Auerbach Publications
ISBN: 9780849399947
Category : Computers
Languages : en
Pages : 624

View

Book Description
As you know, today's complex computing environment and shrinking departmental budgets make it vital for IT auditors and security professionals to have practical guidance on conducting audits and ensuring security in today's stretched and quickly changing computing environments. Whether you're new to IT auditing or have years of experience, Information Technology Control and Audit provides you with tools and techniques to solve the audit, control, and security problems and issues you face today. It provides guidance on conducting IT audits on new and legacy systems, coverage of changes in financial and computing standards, explanations of the vulnerabilities of emerging systems, and tips on how to do your job more effectively.

Author: Richard E. Cascarino
Publisher: John Wiley & Sons
ISBN: 0470127031
Category : Business & Economics
Languages : en
Pages : 510

View

Book Description
Praise for Auditor's Guide to Information Systems Auditing "Auditor's Guide to Information Systems Auditing is the most comprehensive book about auditing that I have ever seen. There is something in this book for everyone. New auditors will find this book to be their bible-reading it will enable them to learn what the role of auditors really is and will convey to them what they must know, understand, and look for when performing audits. For experiencedauditors, this book will serve as a reality check to determine whether they are examining the right issues and whether they are being sufficiently comprehensive in their focus. Richard Cascarino has done a superb job." —E. Eugene Schultz, PhD, CISSP, CISM Chief Technology Officer and Chief Information Security Officer, High Tower Software A step-by-step guide tosuccessful implementation and control of information systems More and more, auditors are being called upon to assess the risks and evaluate the controls over computer information systems in all types of organizations. However, many auditors are unfamiliar with the techniques they need to know to efficiently and effectively determine whether information systems are adequately protected. Auditor's Guide to Information Systems Auditing presents an easy, practical guide for auditors that can be applied to all computing environments. As networks and enterprise resource planning systems bring resources together, and as increasing privacy violations threaten more organization, information systems integrity becomes more important than ever. With a complimentary student'sversion of the IDEA Data Analysis Software CD, Auditor's Guide to Information Systems Auditing empowers auditors to effectively gauge the adequacy and effectiveness of information systems controls.

Author: Philippe Peret
Publisher: CRC Press
ISBN: 9781032136172
Category : Business & Economics
Languages : en
Pages : 0

View

Book Description
The digitalization of companies is a recurrent topic of conversation for managers. Long gone are the days of auditors specializing in one technique. This book proposes how you step by step go from a common understanding of our history of auditing to gradually define and justify the impacts on the audit strategy and the preparation of audits.

Author: Jack J. Champlain
Publisher: John Wiley & Sons
ISBN: 0471466298
Category : Business & Economics
Languages : en
Pages : 450

View

Book Description
Have you been asked to perform an information systems audit and don't know where to start? Examine a company's hardware, software, and data organization and processing methods to ensure quality control and security with this easy, practical guide to auditing computer systems--the tools necessary to implement an effective IS audit. In nontechnical language and following the format of an IS audit program, you'll gain insight into new types of security certifications (e.g., TruSecure, CAP SysTrust, CPA WebTrust) as well as the importance of physical security controls, adequate insurance, and digital surveillance systems. Order your copy today!

Author: Robert F. Dacey
Publisher: DIANE Publishing
ISBN: 1437914063
Category : Business & Economics
Languages : en
Pages : 601

View

Book Description
FISCAM presents a methodology for performing info. system (IS) control audits of governmental entities in accordance with professional standards. FISCAM is designed to be used on financial and performance audits and attestation engagements. The methodology in the FISCAM incorp. the following: (1) A top-down, risk-based approach that considers materiality and significance in determining audit procedures; (2) Evaluation of entitywide controls and their effect on audit risk; (3) Evaluation of general controls and their pervasive impact on bus. process controls; (4) Evaluation of security mgmt. at all levels; (5) Control hierarchy to evaluate IS control weaknesses; (6) Groupings of control categories consistent with the nature of the risk. Illus.

Author: Craig S. Wright
Publisher: Elsevier
ISBN: 0080560172
Category : Computers
Languages : en
Pages : 758

View

Book Description
The IT Regulatory and Standards Compliance Handbook provides comprehensive methodology, enabling the staff charged with an IT security audit to create a sound framework, allowing them to meet the challenges of compliance in a way that aligns with both business and technical needs. This "roadmap" provides a way of interpreting complex, often confusing, compliance requirements within the larger scope of an organization's overall needs. - The ulitmate guide to making an effective security policy and controls that enable monitoring and testing against them - The most comprehensive IT compliance template available, giving detailed information on testing all your IT security, policy and governance requirements - A guide to meeting the minimum standard, whether you are planning to meet ISO 27001, PCI-DSS, HIPPA, FISCAM, COBIT or any other IT compliance requirement - Both technical staff responsible for securing and auditing information systems and auditors who desire to demonstrate their technical expertise will gain the knowledge, skills and abilities to apply basic risk analysis techniques and to conduct a technical audit of essential information systems from this book - This technically based, practical guide to information systems audit and assessment will show how the process can be used to meet myriad compliance issues

Author: Robert E. Davis
Publisher: CRC Press
ISBN: 1000416089
Category : Business & Economics
Languages : en
Pages : 298

View

Book Description
"A much-needed service for society today. I hope this book reaches information managers in the organization now vulnerable to hacks that are stealing corporate information and even holding it hostage for ransom." – Ronald W. Hull, author, poet, and former professor and university administrator A comprehensive entity security program deploys information asset protection through stratified technological and non-technological controls. Controls are necessary for counteracting threats, opportunities, and vulnerabilities risks in a manner that reduces potential adverse effects to defined, acceptable levels. This book presents a methodological approach in the context of normative decision theory constructs and concepts with appropriate reference to standards and the respective guidelines. Normative decision theory attempts to establish a rational framework for choosing between alternative courses of action when the outcomes resulting from the selection are uncertain. Through the methodological application, decision theory techniques can provide objectives determination, interaction assessments, performance estimates, and organizational analysis. A normative model prescribes what should exist according to an assumption or rule.

Author: Stephen D. Gantz
Publisher: Elsevier
ISBN: 0124171761
Category : Computers
Languages : en
Pages : 271

View

Book Description
The Basics of IT Audit: Purposes, Processes, and Practical Information provides you with a thorough, yet concise overview of IT auditing. Packed with specific examples, this book gives insight into the auditing process and explains regulations and standards such as the ISO-27000, series program, CoBIT, ITIL, Sarbanes-Oxley, and HIPPA. IT auditing occurs in some form in virtually every organization, private or public, large or small. The large number and wide variety of laws, regulations, policies, and industry standards that call for IT auditing make it hard for organizations to consistently and effectively prepare for, conduct, and respond to the results of audits, or to comply with audit requirements. This guide provides you with all the necessary information if you're preparing for an IT audit, participating in an IT audit or responding to an IT audit. - Provides a concise treatment of IT auditing, allowing you to prepare for, participate in, and respond to the results - Discusses the pros and cons of doing internal and external IT audits, including the benefits and potential drawbacks of each - Covers the basics of complex regulations and standards, such as Sarbanes-Oxley, SEC (public companies), HIPAA, and FFIEC - Includes most methods and frameworks, including GAAS, COSO, COBIT, ITIL, ISO (27000), and FISCAM