Understanding and Conducting Information Systems Auditing + Website

Front Cover
John Wiley & Sons, Jan 30, 2013 - Business & Economics - 304 pages
0 Reviews
A comprehensive guide to understanding and auditing modern information systems

The increased dependence on information system resources for performing key activities within organizations has made system audits essential for ensuring the confidentiality, integrity, and availability of information system resources. One of the biggest challenges faced by auditors is the lack of a standardized approach and relevant checklist. Understanding and Conducting Information Systems Auditing brings together resources with audit tools and techniques to solve this problem.

Featuring examples that are globally applicable and covering all major standards, the book takes a non-technical approach to the subject and presents information systems as a management tool with practical applications. It explains in detail how to conduct information systems audits and provides all the tools and checklists needed to do so. In addition, it also introduces the concept of information security grading, to help readers to implement practical changes and solutions in their organizations.

  • Includes everything needed to perform information systems audits
  • Organized into two sections—the first designed to help readers develop the understanding necessary for conducting information systems audits and the second providing checklists for audits
  • Features examples designed to appeal to a global audience

Taking a non-technical approach that makes it accessible to readers of all backgrounds, Understanding and Conducting Information Systems Auditing is an essential resource for anyone auditing information systems.

 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

Preface
Overview of Systems Audit
List of Illustrations
Hardware Security Objective
Information Systems Audit Requirements
Conducting an Information Systems Audit
RiskBased Systems Audit
Business Continuity and Disaster
Auditing in the ECommerce
Security Testing
3 Image of the Genuine Website
Digital Evidence
List of Tables
ISecGrade Auditing Framework
ISecGrade Checklists
6 Authentication Devices Checklist

Format
Format

Other editions - View all

Common terms and phrases

About the author (2013)

VEENA HINGARH is Joint Director of the South Asian Management Technologies Foundation, a center for research, training, and application in the areas of finance and risk management, which provides training in areas including IS auditing, enterprise risk management, and risk modeling. Winner of numerous merit-based awards during her career, Hingarh's major areas of focus are IFRS and IS. She speaks frequently at conferences and platforms throughout Asia and the Middle East. Hingarh is a Chartered Accountant from the Institute of Chartered Accountants of India (ICAI), Certified Company Secretary of the Institute of Company Secretaries of India (ICSI), and Certified Information System Auditor (CISA) from ISACA (USA).

ARIF AHMED is a professor at and Director of the South Asian Management Technologies Foundation as well as a Chartered Accountant from the Institute of Chartered Accountants of India (ICAI). He is an Information Security Management System Lead Auditor for the British Standards Institution. Ahmed's areas of focus are finance and risk management, and he has over two decades of postqualification experience in training and strategic consulting. He has been interviewed and quoted throughout the media and has spoken at various seminars and institutions, including the Institute of Chartered Accountants of India, XLRI, and the Institute of Company Secretaries of India.

Bibliographic information