IT Auditing: Using Controls to Protect Information Assets

Front Cover
McGraw Hill Professional, Jan 12, 2007 - Computers - 387 pages
Protect Your Systems with Proven IT Auditing Strategies

"A must-have for auditors and IT professionals." -Doug Dexter, CISSP-ISSMP, CISA, Audit Team Lead, Cisco Systems, Inc.

Plan for and manage an effective IT audit program using the in-depth information contained in this comprehensive resource. Written by experienced IT audit and security professionals, IT Auditing: Using Controls to Protect Information Assets covers the latest auditing tools alongside real-world examples, ready-to-use checklists, and valuable templates. Inside, you'll learn how to analyze Windows, UNIX, and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus, you'll get up-to-date information on legal standards and practices, privacy and ethical issues, and the CobiT standard.

Build and maintain an IT audit function with maximum effectiveness and value

  • Implement best practice IT audit processes and controls
  • Analyze UNIX-, Linux-, and Windows-based operating systems
  • Audit network routers, switches, firewalls, WLANs, and mobile devices
  • Evaluate entity-level controls, data centers, and disaster recovery plans
  • Examine Web servers, platforms, and applications for vulnerabilities
  • Review databases for critical controls
  • Use the COSO, CobiT, ITIL, ISO, and NSA INFOSEC methodologies
  • Implement sound risk analysis and risk management practices
  • Drill down into applications to find potential control weaknesses
 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

Audit Overview
1
Auditing Techniques
59
Frameworks Standards and Regulations
305
Index
369
Copyright

Other editions - View all

Common terms and phrases

About the author (2007)

Chris Davis, CISA, CISSP, shares his experience from architecting, hardening, and auditing systems. He has trained auditors and forensic analysts. Davis is the coauthor of the bestselling Hacking Exposed: Computer Forensics.

Mike Schiller, CISA, has 14 years of experience in the IT audit field, most recently as the worldwide IT Audit Manager at Texas Instruments.

Kevin Wheeler, CISA, CISSP, NSA IAM/IEM, is the founder and CEO of InfoDefense and has over ten years of IT security experience.

Bibliographic information