IT Audit, Control, and Security

ISBN-10: 0471406767

ISBN-13: 9780471406761

Edition: 2nd 2011

List price: $85.00 Buy it from $59.71
eBook available
This item qualifies for FREE shipping

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy

Description: Combines the areas of computer audit, computer control, and computer security in one book. * Offers step-by-step guidance on auditing, control, and security. * Provides numberous control objectives.

New Starting from $107.60
eBooks Starting from $40.00
Rent eBooks
Buy eBooks
what's this?
Rush Rewards U
Members Receive:
coins
coins
You have reached 400 XP and carrot coins. That is the daily max!

Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
Periodic Table Online content $4.95 $1.99
Add to cart
Study Briefs
Medical Terminology Online content $4.95 $1.99
Add to cart
Study Briefs
SQL Online content $4.95 $1.99

Customers also bought

Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading

Book details

List price: $85.00
Edition: 2nd
Copyright year: 2011
Publisher: John Wiley & Sons Australia, Limited
Publication date: 11/19/2010
Binding: Hardcover
Pages: 696
Size: 7.25" wide x 10.00" long x 1.50" tall
Weight: 3.014

Robert R. Moeller, Cpa, Cisa, Cissp, is an internal audit specialist and project manager with a strong understanding of information systems, corporate governance, and security. He has over twenty-five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50corporation. He was the national director of computer auditing at Grant Thorton andthe audit director of Sears Roebuck.A frequently published author and pro-fessional speaker, he provides insights intomany of the new rules impacting internalauditors today, as well as the challengesaudit committees face when dealing withSarbanes-Oxley, internal controls, andtheir internal auditors.

Introduction
Auditing Internal Controls in an IT Environment
SOx and the COSO Internal Controls Framework
Roles and Responsibilities of IT Auditors
Importance of Effective Internal Controls and COSO
COSO Internal Control Systems Monitoring Guidance
Sarbanes-Oxley Act
Wrapping It Up: COSO Internal Controls and Sox
Notes
Using CobiT to Perform IT Audits
Introduction to CobiT
CobiT Framework
Using CobiT to Assess Internal Controls
Using CobiT in a SOx Environment
CobiT Assurance Framework Guidance
CobiT in Perspective
Notes
IIA and ISACA Standards for the Professional Practice of Internal Auditing
Internal Auditing's International Professional Practice Standards
Content of the IPPF and the IIA International Standards
Strongly Recommended IIA Standards Guidance
ISACA IT Auditing Standards Overview
Codes of Ethics: The IIA and ISACA
Notes
Understanding Risk Management Through COSO ERM
Risk Management Fundamentals
Quantitative Risk Analysis Techniques
IIA and ISACA Risk Management Internal Audit Guidance
COSO ERM: Enterprise Risk Management
IT Audit Risk and COSO ERM
Notes
Performing Effective IT Audits
IT Audit and the Enterprise Internal Audit Function
Organizing and Planning IT Audits
Developing and Preparing Audit Programs
Gathering Audit Evidence and Testing Results
Workpapers and Reporting IT Audit Results
Preparing Effective IT Audits
Notes
Auditing IT General Controls
General Controls in Today's IT Environments
Importance of IT General Controls
IT Governance General Controls
IT Management General Controls
IT Technical Environment General Controls
Notes
Infrastructure Controls and ITIL Service Management Best Practices
ITIL Service Management Best Practices
ITIL's Service Strategies Component
ITIL Service Design
ITIL Service Transition Management Processes
ITIL Service Operation Processes
Service Delivery Best Practices
Auditing IT Infrastructure Management
Notes
Systems Software and IT Operations General Controls
IT Operating System Fundamentals
Features of a Computer Operating System
Other Systems Software Tools
Notes
Evolving Control Issues: Wireless Networks, Cloud Computing, and Virtualization
Understanding and Auditing IT Wireless Networks
Understanding Cloud Computing
Storage Management Virtualization
Notes
Auditing and Testing IT Application Controls
Selecting, Testing, and Auditing IT Applications
IT Application Control Elements
Selecting Applications for IT Audit Reviews
Performing an Applications Controls Reviews: Preliminary Steps
Completing the IT Applications Controls Audit
Application Review Case Study: Client-Server Budgeting System
Auditing Applications Under Development
Importance of Reviewing IT Applicatio Controls
Notes
Software Engineering and CMMi
Software Engineering Concepts
CMMi: Capability Maturity Model for Integration
CMMi Benefits
IT Audit, Internal Control, and CMMi
Notes
Auditing Service-Oriented Architectures and Record Management Processes
Service-Oriented Computing and Service-Driven Applications
IT Auditing in SOA Environments
Electronic Records Management Internal Control Issues and Risks
IT Audits of Electronic Records Management Processes
Notes
Computer-Assisted Audit Tools and Techniques
Understanding Computer-Assisted Audit Tools and Techniques
Determining the Need for CAATTs
CAATT Software Tools
Steps to Building Effective CAATTs
Importance of CAATTs for Audit Evidence Gathering
Notes
Continuous Assurance Auditing, OLAP and XBRL
Implementing Continuous Assurance Auditing
Benefits of Continuous Assurance Auditing Tools
Data Warehouses, Data Mining, and OLAP
XBRL: The Internet-Based Extensible Marking Language
Newer Technologies, the Continuous Close, and IT audit
Notes
Importance of IT Governance
IT Controls and the Audit Committee.
Role of the Audit Committee for IT Auditors
Audit Committee Approval of Internal Audit Plans and Budgets
Audit Committee Briefings on IT Audit Issues
Audit Committee Review and Action on Significant IT Audit Findings
IT Audit and the Audit Committee
Val IT, Portfolio Management, and Project Management
Val IT: Enhancing the Value of IT Investments
IT Systems Portfolio and Program Management
Project Management for IT Auditors
Notes
Compliance with IT-Related Laws and Regulations
Computer Fraud and Abuse Act
Computer Security Act of 1987
Gramm - Leach - Bliley Act
HIPAA: Healthcare and Much More
Other Personal Privacy and Security Legislative Requirements
IT-Related Laws, Regulations, and Audit Standards
Understanding and Reviewing Compliance with ISO Standards
Background and Importance of ISO Standards in a Global Commerce World
ISO Standards Overview
ISO 19011 Quality Management Systems Auditing
ISO Standards and IT Auditors
Notes
IT Security Environment CONTROLS
Generally Accepted Security Standards
Effective IT Perimeter Security
Establishing an Effective, Enterprise-Wide Security Strategy
Best Practices for It Audit and Security
Notes
Cyber-Security and Privacy Controls
IT Network Security Fundamentals
IT Systems Privacy Concerns
PCI-DSS Fundamentals
Auditing IT Security and Privacy
Security and Privacy in the IT Audit Department
Notes
IT Fraud Detection and Prevention.
Understanding and Recognizing Fraud in an IT Environment
Red Flags: Fraud Detection Signs for IT and other Internal Auditors
Public Accounting's Role in Fraud Detection
IIA Standards and ISACA Materials for Detecting and Investigating Fraud
IT Audit Fraud Risk Assessments
IT Audit Fraud Investigations
IT Fraud Prevention Processes
Fraud Detection and the IT Auditor
Notes
Identity and Access Management
Importance of Identity and Access Management
Identity Management Processes
Separation of Duties Identify Management Controls
Access Management Provisioning
Authentication and Authorization
Auditing Identity and Access Management Processes
Notes
Establishing Effective IT Disaster Recovery Processes
IT Disaster and Business Continuity Planning Today
Building and Auditing an IT Disaster Recovery Plan
Building the IT Disaster Recovery Plan
Disaster Recovery Planning and Service Level Agreements
Newer Disaster Recovery Plan Technologies: Data Mirroring Techniques
Auditing Business Continuity Plans
Disaster Recovery and Business Continuity Planning Going Forward
Notes
Electronic Archiving and Data Retention
Elements of a Successful Electronic Records Management Process
Electronic Documentation Standards
Implementing Electronic IT Data Archiving
Auditing Electronic Document Retention and Archival Processes
Notes
Business Continuity Management and BS 25999
IT Business Continuity Management Planning Needs Today
BS 25999 Good Practice Guidelines
Auditing BCM Processes
Linking the BCM with Other Standards and Processes
Notes
Auditing Telecommunications and IT Communications Networks
Network Security Concepts
Effective IT Network Security Controls
Auditing a VPN Installation
Notes
Change and Patch Management Controls
IT Change Management Processes
Auditing IT Change and Patch Management Controls
Notes
Six Sigma and Lean Technologies
Six Sigma Background and Concepts
Implementing Six Sigma
Lean Six Sigma
Notes
Building an Effective IT Internal Audit function
Establishing an IT Internal Audit Function
Internal Audit Charter: An Important IT Audit Authorization
Role of the Chief Audit Executive
IT Audit Specialists
IT Audit Managers and Supervisors
Internal and IT Audit Policies and Procedures
Organizing an Effective IT Audit Function
Importance of a Strong IT Audit Function
Notes
Professional Certifications: CISA, CIA, and More
Certified Information Systems Auditor Credentials
Certified Information Security Manager Credentials
Certificate in the Governance of Enterprise IT
Certified Internal Auditor Responsibilities and Requirements
Beyond the CIA: Other IIA Certifications
CISSP Information Systems Security Professional Certification
Certified Fraud Examiner Certification
ASQ Internal Audit Certifications
Other Internal Auditor Certifications
Notes
Quality Assurance Auditing and ASQ Standards
Duties and Responsibilities of Quality Auditors
Role of the Quality Auditor
Performing ASQ Quality Audits
Quality Assurance Reviews of IT Audit Functions
Future Directions for Quality Assurance Auditing
Notes
About the Author
Index
×
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.

×