Auditor's Guide to IT Auditing, + Software Demo

John Wiley & Sons, Apr 3, 2012 - Business & Economics - 464 pages
Step-by-step guide to successful implementation and control of IT systems—including the Cloud

Many auditors are unfamiliar with the techniques they need to know to efficiently and effectively determine whether information systems are adequately protected. Now in a Second Edition, Auditor's Guide to IT Auditing presents an easy, practical guide for auditors that can be applied to all computing environments.

  • Follows the approach used by the Information Systems Audit and Control Association's model curriculum, making this book a practical approach to IS auditing
  • Serves as an excellent study guide for those preparing for the CISA and CISM exams
  • Includes discussion of risk evaluation methodologies, new regulations, SOX, privacy, banking, IT governance, CobiT, outsourcing, network management, and the Cloud
  • Includes a link to an education version of IDEA--Data Analysis Software

As networks and enterprise resource planning systems bring resources together, and as increasing privacy violations threaten more organizations, information systems integrity becomes more important than ever. Auditor's Guide to IT Auditing, Second Edition empowers auditors to effectively gauge the adequacy and effectiveness of information systems controls.

 


Contents

Technology and Audit
IT Audit Function Knowledge
IT Risk and Fundamental Auditing Concepts
Standards and Guidelines for IT Auditing
Internal Controls Concepts Knowledge
Risk Management of the IT Function
Audit Planning Process
Audit Management
Audit Evidence Process
Audit Reporting Followup
INFORMATION TECHNOLOGY GOVERNANCE
Strategic Planning
Management Issues
Support Tools and Frameworks
Governance Techniques
SYSTEMS AND INFRASTRUCTURE LIFECYCLE
Information Management and Usage
Development Acquisition and Maintenance
Impact of Information Technology
Audit and Control of Purchased
Audit Role in Feasibility
Audit and Development
INFORMATION TECHNOLOGY SERVICE
ServiceCenter Management
PROTECTION OF INFORMATION ASSETS
Logical Information Technology Security
Applied Information Technology Security
Physical and Environmental Security
Protection of the Information Technology
Displacement Control
ADVANCED IT AUDITING
Auditing UNIX/Linux
Auditing Windows VISTA and Windows 7
Foiling the System Hackers
Preventing and Investigating
Appendix A Ethics and Standards for the IS Auditor
Logical Access Control Audit Program
Audit Program for Auditing
Appendix E Audit Program for Auditing Windows
About the Author

About the author (2012)

Richard E. Cascarino, MBA, CIA, CISA, CISM, is a consultant and lecturer with over thirty years' experience in internal, forensic, risk, and computer auditing. He is Managing Director of Richard Cascarino & Associates, a successful audit training and consultancy company. For the last twenty-five years, they have been providing consultancy and professional development services to clients throughout the southern African region as well as Europe, the Middle East, and the United States. He is a past president of the Institute of Internal Auditors South Africa (IIA SA), was the founding Regional Director of the Southern African Region of the IIA Inc., and is a member of both the Information Systems Audit and Control Association and the Association of Certified Fraud Examiners.
