The definitive IT auditing resource—thoroughly revised to cover the latest technologies and developments This fully updated guide explains, step by step, how to plan and implement a successful enterprise-wide IT audit program. You will discover how to assemble an effective IT audit team and maximize the value of the IT audit function. New chapters discuss auditing strategies for cybersecurity programs and big data; all existing chapters have been expanded to reflect recent technological developments, including an expanded chapter on auditing cloud computing. Written by a team of experts, IT Auditing: Using Controls to Protect Information Assets, Third Edition offers solid techniques, templates, checklists and forms, explanations of leading-edge tools, and systematic procedures for conducting effective IT audits. Each concept is clearly demonstrated through real-world examples. Standards, frameworks, regulations, and risk management techniques are also covered in this definitive resource. ●Provides a flexible, tested framework to use when performing IT Audits ●Contains the latest auditing tools along with configuration tips ●Written by industry experts with experience in managing international audits
Secure Your Systems Using the Latest IT Auditing Techniques Fully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Third Edition explains, step by step, how to implement a successful, enterprise-wide IT audit program. New chapters on auditing cybersecurity programs, big data and data repositories, and new technologies are included. This comprehensive guide describes how to assemble an effective IT audit team and maximize the value of the IT audit function. In-depth details on performing specific audits are accompanied by real-world examples, ready-to-use checklists, and valuable templates. Standards, frameworks, regulations, and risk management techniques are also covered in this definitive resource. • Build and maintain an internal IT audit function with maximum effectiveness and value • Audit entity-level controls and cybersecurity programs • Assess data centers and disaster recovery • Examine switches, routers, and firewalls • Evaluate Windows, UNIX, and Linux operating systems • Audit Web servers and applications • Analyze databases and storage solutions • Review big data and data repositories • Assess end user computer devices, including PCs and mobile devices • Audit virtualized environments • Evaluate risks associated with cloud computing and outsourced operations • Drill down into applications and projects to find potential control weaknesses • Learn best practices for auditing new technologies • Use standards and frameworks, such as COBIT, ITIL, and ISO • Understand regulations, including Sarbanes-Oxley, HIPAA, and PCI • Implement proven risk management practices
Thank you for visiting our website. Would you like to provide feedback on how we could improve your experience?
This site does not use any third party cookies with one exception — it uses cookies from Google to deliver its services and to analyze traffic.Learn More.