Auditor's Guide to Information Systems Auditing

Auditor's Guide to Information Systems Auditing

Author: Richard E. Cascarino

Publisher: John Wiley & Sons

Published: 2007-06-15

Total Pages: 510

ISBN-13: 0470127031

DOWNLOAD EBOOK

Praise for Auditor's Guide to Information Systems Auditing "Auditor's Guide to Information Systems Auditing is the most comprehensive book about auditing that I have ever seen. There is something in this book for everyone. New auditors will find this book to be their bible-reading it will enable them to learn what the role of auditors really is and will convey to them what they must know, understand, and look for when performing audits. For experiencedauditors, this book will serve as a reality check to determine whether they are examining the right issues and whether they are being sufficiently comprehensive in their focus. Richard Cascarino has done a superb job." —E. Eugene Schultz, PhD, CISSP, CISM Chief Technology Officer and Chief Information Security Officer, High Tower Software A step-by-step guide tosuccessful implementation and control of information systems More and more, auditors are being called upon to assess the risks and evaluate the controls over computer information systems in all types of organizations. However, many auditors are unfamiliar with the techniques they need to know to efficiently and effectively determine whether information systems are adequately protected. Auditor's Guide to Information Systems Auditing presents an easy, practical guide for auditors that can be applied to all computing environments. As networks and enterprise resource planning systems bring resources together, and as increasing privacy violations threaten more organization, information systems integrity becomes more important than ever. With a complimentary student'sversion of the IDEA Data Analysis Software CD, Auditor's Guide to Information Systems Auditing empowers auditors to effectively gauge the adequacy and effectiveness of information systems controls.


Auditing Information Systems

Auditing Information Systems

Author: Jack J. Champlain

Publisher: John Wiley & Sons

Published: 2003-04-01

Total Pages: 450

ISBN-13: 0471466298

DOWNLOAD EBOOK

Have you been asked to perform an information systems audit and don't know where to start? Examine a company's hardware, software, and data organization and processing methods to ensure quality control and security with this easy, practical guide to auditing computer systems--the tools necessary to implement an effective IS audit. In nontechnical language and following the format of an IS audit program, you'll gain insight into new types of security certifications (e.g., TruSecure, CAP SysTrust, CPA WebTrust) as well as the importance of physical security controls, adequate insurance, and digital surveillance systems. Order your copy today!


Understanding and Conducting Information Systems Auditing

Understanding and Conducting Information Systems Auditing

Author: Veena Hingarh

Publisher: John Wiley & Sons

Published: 2013-01-30

Total Pages: 338

ISBN-13: 1118343778

DOWNLOAD EBOOK

A comprehensive guide to understanding and auditing modern information systems The increased dependence on information system resources for performing key activities within organizations has made system audits essential for ensuring the confidentiality, integrity, and availability of information system resources. One of the biggest challenges faced by auditors is the lack of a standardized approach and relevant checklist. Understanding and Conducting Information Systems Auditing brings together resources with audit tools and techniques to solve this problem. Featuring examples that are globally applicable and covering all major standards, the book takes a non-technical approach to the subject and presents information systems as a management tool with practical applications. It explains in detail how to conduct information systems audits and provides all the tools and checklists needed to do so. In addition, it also introduces the concept of information security grading, to help readers to implement practical changes and solutions in their organizations. Includes everything needed to perform information systems audits Organized into two sections—the first designed to help readers develop the understanding necessary for conducting information systems audits and the second providing checklists for audits Features examples designed to appeal to a global audience Taking a non-technical approach that makes it accessible to readers of all backgrounds, Understanding and Conducting Information Systems Auditing is an essential resource for anyone auditing information systems.


Information System Audit

Information System Audit

Author: Philippe Peret

Publisher: CRC Press

Published: 2022

Total Pages: 0

ISBN-13: 9781032136172

DOWNLOAD EBOOK

The digitalization of companies is a recurrent topic of conversation for managers. Long gone are the days of auditors specializing in one technique. This book proposes how you step by step go from a common understanding of our history of auditing to gradually define and justify the impacts on the audit strategy and the preparation of audits.


CISA Certified Information Systems Auditor Study Guide

CISA Certified Information Systems Auditor Study Guide

Author: David L. Cannon

Publisher: John Wiley & Sons

Published: 2016-03-14

Total Pages: 696

ISBN-13: 1119056241

DOWNLOAD EBOOK

The ultimate CISA prep guide, with practice exams Sybex's CISA: Certified Information Systems Auditor Study Guide, Fourth Edition is the newest edition of industry-leading study guide for the Certified Information System Auditor exam, fully updated to align with the latest ISACA standards and changes in IS auditing. This new edition provides complete guidance toward all content areas, tasks, and knowledge areas of the exam and is illustrated with real-world examples. All CISA terminology has been revised to reflect the most recent interpretations, including 73 definition and nomenclature changes. Each chapter summary highlights the most important topics on which you'll be tested, and review questions help you gauge your understanding of the material. You also get access to electronic flashcards, practice exams, and the Sybex test engine for comprehensively thorough preparation. For those who audit, control, monitor, and assess enterprise IT and business systems, the CISA certification signals knowledge, skills, experience, and credibility that delivers value to a business. This study guide gives you the advantage of detailed explanations from a real-world perspective, so you can go into the exam fully prepared. Discover how much you already know by beginning with an assessment test Understand all content, knowledge, and tasks covered by the CISA exam Get more in-depths explanation and demonstrations with an all-new training video Test your knowledge with the electronic test engine, flashcards, review questions, and more The CISA certification has been a globally accepted standard of achievement among information systems audit, control, and security professionals since 1978. If you're looking to acquire one of the top IS security credentials, CISA is the comprehensive study guide you need.


Information Technology Control and Audit, Fifth Edition

Information Technology Control and Audit, Fifth Edition

Author: Angel R. Otero

Publisher: CRC Press

Published: 2018-07-27

Total Pages: 514

ISBN-13: 0429877323

DOWNLOAD EBOOK

The new fifth edition of Information Technology Control and Audit has been significantly revised to include a comprehensive overview of the IT environment, including revolutionizing technologies, legislation, audit process, governance, strategy, and outsourcing, among others. This new edition also outlines common IT audit risks, procedures, and involvement associated with major IT audit areas. It further provides cases featuring practical IT audit scenarios, as well as sample documentation to design and perform actual IT audit work. Filled with up-to-date audit concepts, tools, techniques, and references for further reading, this revised edition promotes the mastery of concepts, as well as the effective implementation and assessment of IT controls by organizations and auditors. For instructors and lecturers there are an instructor’s manual, sample syllabi and course schedules, PowerPoint lecture slides, and test questions. For students there are flashcards to test their knowledge of key terms and recommended further readings. Go to http://routledgetextbooks.com/textbooks/9781498752282/ for more information.


CISA – Certified Information Systems Auditor Study Guide

CISA – Certified Information Systems Auditor Study Guide

Author: Hemang Doshi

Publisher: Packt Publishing Ltd

Published: 2020-08-21

Total Pages: 580

ISBN-13: 183898531X

DOWNLOAD EBOOK

This CISA study guide is for those interested in achieving CISA certification and provides complete coverage of ISACA's latest CISA Review Manual (2019) with practical examples and over 850 exam-oriented practice questions Key Features Book DescriptionAre you looking to prepare for the CISA exam and understand the roles and responsibilities of an information systems (IS) auditor? The CISA - Certified Information Systems Auditor Study Guide is here to help you get started with CISA exam prep. This book covers all the five CISA domains in detail to help you pass the exam. You’ll start by getting up and running with the practical aspects of an information systems audit. The book then shows you how to govern and manage IT, before getting you up to speed with acquiring information systems. As you progress, you’ll gain knowledge of information systems operations and understand how to maintain business resilience, which will help you tackle various real-world business problems. Finally, you’ll be able to assist your organization in effectively protecting and controlling information systems with IT audit standards. By the end of this CISA book, you'll not only have covered the essential concepts and techniques you need to know to pass the CISA certification exam but also have the ability to apply them in the real world.What you will learn Understand the information systems auditing process Get to grips with IT governance and management Gain knowledge of information systems acquisition Assist your organization in protecting and controlling information systems with IT audit standards Understand information systems operations and how to ensure business resilience Evaluate your organization’s security policies, standards, and procedures to meet its objectives Who this book is for This CISA exam study guide is designed for those with a non-technical background who are interested in achieving CISA certification and are currently employed or looking to gain employment in IT audit and security management positions.


Federal Information System Controls Audit Manual (FISCAM)

Federal Information System Controls Audit Manual (FISCAM)

Author: Robert F. Dacey

Publisher: DIANE Publishing

Published: 2010-11

Total Pages: 601

ISBN-13: 1437914063

DOWNLOAD EBOOK

FISCAM presents a methodology for performing info. system (IS) control audits of governmental entities in accordance with professional standards. FISCAM is designed to be used on financial and performance audits and attestation engagements. The methodology in the FISCAM incorp. the following: (1) A top-down, risk-based approach that considers materiality and significance in determining audit procedures; (2) Evaluation of entitywide controls and their effect on audit risk; (3) Evaluation of general controls and their pervasive impact on bus. process controls; (4) Evaluation of security mgmt. at all levels; (5) Control hierarchy to evaluate IS control weaknesses; (6) Groupings of control categories consistent with the nature of the risk. Illus.


Auditing Your Information Systems and IT Infrastructure

Auditing Your Information Systems and IT Infrastructure

Author: Nwabueze Ohia

Publisher:

Published: 2017-10-24

Total Pages: 201

ISBN-13: 9781973136262

DOWNLOAD EBOOK

Having issued the title "IT Infrastructure Risk and Vulnerability Library", which did well in identifying and consolidating most of the risk and vulnerabilities inherent in the commonly deployed IT Systems and Infrastructure in corporate organizations, it is pertinent to also discuss in details the controls that will be required in mitigating those risk/vulnerabilities in addition to audit test procedures that IT Auditors or other Assurance personnel will undertake to ensure that the controls put in place by their audit clients are adequate in minimizing if not eliminate the impact of the risk. Hence, the need to issue this title "Auditing Your Core Information Systems and IT Infrastructure (Practical Audit Programs/Checklists for Internal Auditors)".The book adopted the "risk", "controls" and "test procedure" methodology in highlighting what the Auditor needs to be testing and how they will carry out the test to ensure the effectiveness and adequacy of required controls or otherwise. Using this globally accepted method, which have been adopted by most corporations and research institutions worldwide, the title "Auditing Your Core Information Systems and IT Infrastructure" serves as a reference handbook for IT Auditors and other Assurance professionals and detailed how information systems and process controls can be tested to provide assurance on their effectiveness and adequacy. It documented series of task (audit steps) IT Auditors need to perform during their audit in the form of audit programs/checklists and can be used as a guide in performing audit reviews of the following areas.* Data centre.* Business continuity management and disaster recovery planning. * Business process re-engineering (BPR) and automation function. * IT governance and strategic planning.* Physical/environmental security and power supply adequacy.* Windows infrastructure, intranet and internet security.* Electronic banking and payment channels* UNIX operating system (AIX, Solaris and Linux infrastructure).* Core banking application (Finacle, Flexcube, Globus, Banks, Equinos, and Phoenix).* Payment card (debit, credit & prepaid) processes, systems and applications - PCIDSS Compliance.* Employee Information and Systems Security.* Perimeter Network Security.Intended for IT Auditors and other Assurance professionals that are desirous of improving their auditing skills or organizations that are performing risk and control self-assessment (RCSA) exercise from the ground up. What You Will Learn and Benefit:* Build or improve your auditing and control testing technics/skills by knowing what to look out for and how to verify the existence and adequacy of controls.* Acquire standard audit programs/checklists for auditing core IT systems and infrastructure, which can be applied in your environment.* Prepare for and pass such common certification audits as PCI-DSS, ISO 27001, ISO 2230, ISO 20000 and ISO 90001.* Audit programs/checklists from this book can easily be integrated into standard audit software such as Teammates and/or MKInsight given that they share common templates.* Expanding the scope of your audit testing to cover more areas of concerns or exposures.* Strengthen your organization's internal audit process and control testing.Who This Book Is For:IT professionals moving into auditing field; new IT Audit Managers, directors, project heads, and would-be CAEs and CISOs; security specialists from other disciplines moving into information security (e.g., former military security professionals, law enforcement professionals, and physical security professionals); and information security specialists (e.g. IT Security Managers, IT Risk Managers, IT Control implementers, CIOs, CTOs, COO).