Standard for Auditing Computer Applications, Second Edition
A Standard for Auditing Computer Applications is a dynamic new resource for evaluating all aspects of automated business systems and systems environments. At the heart of A Standard for Auditing Computer Applications system is a set of customizable workpapers that provide blow-by-blow coverage of all phases of the IT audit process for traditional mainframe, distributed processing, and client/server environments.
A Standard for Auditing Computer Applications was developed by Marty Krist, an acknowledged and respected expert in IT auditing. Drawing upon his more than twenty years of auditing experience with leading enterprise organizations, worldwide, Marty walks you step-by-step through the audit process for system environments and specific applications and utilities. He clearly spells out what you need to look for and where to look for it, and he provides expert advice and guidance on how to successfully address a problem when you find one.
When you order A Standard for Auditing Computer Applications, you receive a powerful package containing all the forms, checklists, and templates you'll ever need to conduct successful audits on an easy to use CD-ROM. Designed to function as a handy, on-the-job resource, the book follows a concise, quick-access format. It begins with an overview of the general issues inherent in any IT review. This is followed by a comprehensive review of the audit planning process. The remainder of the book provides you with detailed, point-by-point breakdowns along with proven tools for:
What people are saying - Write a review
We haven't found any reviews in the usual places.
THE EVALUATION AND ACCEPTANCE PHASE 201
Setting Objectives for the Audit 207
INITIAL REVIEW PROCEDURES 211
DEVELOP A DETAILED PLAN 241
TEST DATA INTEGRITY 261
CERTIFY COMPUTER SECURITY 271
ANALYZE AUDIT RESULTS 281
REVIEW AND REPORT AUDIT FINDINGS 291
_AUDITOR_ _96/month/day Approved acceptance phase activities analysis application software application system appropriate audit management audit objectives audit planning Audit Professional audit program audit report auditor automated application backup Business Continuity Planning certiﬁcation change management Comments conﬁrm control questionnaire data center date _96 date _AUDITOR_ _96/month/day deﬁciencies deﬁned deﬁnition phase deliverables determine difﬁcult effective end user ensure environment ﬁeld ﬁeldwork ﬁle ﬁnal ﬁnancial ﬁnd ﬁndings ﬁre ﬁrst ﬁve function hardware identiﬁed implementation initiation phase installation internal audit internal control key lock locks manual memo ment needed operations organization password performed personal computer personnel potential Prepared problem project plan questionnaire responses recommendations recovery risk assessment SDLC security and control senior management sign-on signiﬁcant speciﬁc standards strategic sufﬁcient system development methodology systems development task tion transactions updated veriﬁcation workﬂow diagram workpapers Y/N Y/N Y/N YES NO N/A