Combines the areas of computer audit, computer control, and computer security in one book.; Offers step-by-step guidance on auditing, control, and security.; Provides numberous control objectives This section discusses IT audit cybersecurity and...
mehr
Bibliotheks-und Informationssystem der Carl von Ossietzky Universität Oldenburg (BIS)
Fernleihe:
keine Fernleihe
Standort:
Bibliotheks-und Informationssystem der Carl von Ossietzky Universität Oldenburg (BIS)
Fernleihe:
keine Fernleihe
Standort:
Bibliotheks-und Informationssystem der Carl von Ossietzky Universität Oldenburg (BIS)
Fernleihe:
keine Fernleihe
Combines the areas of computer audit, computer control, and computer security in one book.; Offers step-by-step guidance on auditing, control, and security.; Provides numberous control objectives This section discusses IT audit cybersecurity and privacy control activities from two focus areas. First is focus on some of the many cybersecurity and privacy concerns that auditors should consider in their reviews of IT-based systems and processes. Second focus area includes IT Audit internal procedures. IT audit functions sometimes fail to implement appropriate security and privacy protection controls over their own IT audit processes, such as audit evidence materials, IT audit workpapers, auditor laptop computer resources, and many others. Although every audit department is different, this
Electronic reproduction; Available via World Wide Web
IT Audit, Control, and Security; Contents; Introduction: Importance of IT Auditing; Part One: Auditing Internal Controls in an IT Environment; Chapter 1: SOx and the COSO Internal Controls Framework; ROLES AND RESPONSIBILITIES OF IT AUDITORS; IMPORTANCE OF EFFECTIVE INTERNAL CONTROLS AND COSO; COSO INTERNAL CONTROL SYSTEMS MONITORING GUIDANCE; SARBANES-OXLEY ACT; WRAPPING IT UP: COSO INTERNAL CONTROLS AND SOx; NOTES; Chapter 2: Using CobiT to Perform IT Audits; INTRODUCTION TO CobiT; CobiT FRAMEWORK; USING CobiT TO ASSESS INTERNAL CONTROLS; USING CobiT IN A SOx ENVIRONMENT
CobiT ASSURANCE FRAMEWORK GUIDANCECobiT IN PERSPECTIVE; NOTES; Chapter 3: IIA and ISACA Standards for the Professional Practice of Internal Auditing; INTERNAL AUDITING'S INTERNATIONAL PROFESSIONAL PRACTICE STANDARDS; CONTENT OF THE IPPF AND THE IIA INTERNATIONAL STANDARDS; STRONGLY RECOMMENDED IIA STANDARDS GUIDANCE; ISACA IT AUDITING STANDARDS OVERVIEW; CODES OF ETHICS: THE IIA AND ISACA; NOTES; Chapter 4: Understanding Risk Management through COSO ERM; RISK MANAGEMENT FUNDAMENTALS; QUANTITATIVE RISK ANALYSIS TECHNIQUES; IIA AND ISACA RISK MANAGEMENT INTERNAL AUDIT GUIDANCE
COSO ERM: ENTERPRISE RISK MANAGEMENTIT AUDIT RISK AND COSO ERM; NOTES; Chapter 5: Performing Effective IT Audits; IT AUDIT AND THE ENTERPRISE INTERNAL AUDIT FUNCTION; ORGANIZING AND PLANNING IT AUDITS; DEVELOPING AND PREPARING AUDIT PROGRAMS; GATHERING AUDIT EVIDENCE AND TESTING RESULTS; WORKPAPERS AND REPORTING IT AUDIT RESULTS; PREPARING EFFECTIVE IT AUDITS; NOTES; Part Two: Auditing IT General Controls; Chapter 6: General Controls in Today's IT Environments; IMPORTANCE OF IT GENERAL CONTROLS; IT GOVERNANCE GENERAL CONTROLS; IT MANAGEMENT GENERAL CONTROLS
IT TECHNICAL ENVIRONMENT GENERAL CONTROLSNOTE; Chapter 7: Infrastructure Controls and ITIL Service Management Best Practices; ITIL SERVICE MANAGEMENT BEST PRACTICES; ITIL'S SERVICE STRATEGIES COMPONENT; ITIL SERVICE DESIGN; ITIL SERVICE TRANSITION MANAGEMENT PROCESSES; ITIL SERVICE OPERATION PROCESSES; SERVICE DELIVERY BEST PRACTICES; AUDITING IT INFRASTRUCTURE MANAGEMENT; NOTE; Chapter 8: Systems Software and IT Operations General Controls; IT OPERATING SYSTEM FUNDAMENTALS; FEATURES OF A COMPUTER OPERATING SYSTEM; OTHER SYSTEMS SOFTWARE TOOLS
Chapter 9: Evolving Control Issues: Wireless Networks, Cloud Computing, and VirtualizationUNDERSTANDING AND AUDITING IT WIRELESS NETWORKS; UNDERSTANDING CLOUD COMPUTING; STORAGE MANAGEMENT VIRTUALIZATION; Part Three: Auditing and Testing IT Application Controls; Chapter 10: Selecting, Testing, and Auditing IT Applications; IT APPLICATION CONTROL ELEMENTS; SELECTING APPLICATIONS FOR IT AUDIT REVIEWS; PERFORMING AN APPLICATION CONTROLS REVIEW: PRELIMINARY STEPS; COMPLETING THE IT APPLICATION CONTROLS AUDIT; APPLICATION REVIEW CASE STUDY: CLIENT-SERVER BUDGETING SYSTEM