Book description
Have you been asked to perform an information systems audit and don't know where to start? Examine a company's hardware, software, and data organization and processing methods to ensure quality control and security with this easy, practical guide to auditing computer systems--the tools necessary to implement an effective IS audit. In nontechnical language and following the format of an IS audit program, you'll gain insight into new types of security certifications (e.g., TruSecure, CAP SysTrust, CPA WebTrust) as well as the importance of physical security controls, adequate insurance, and digital surveillance systems.
Table of contents
- Copyright
- Dedication
- List of Registered and Trademarked Names
- Preface
- Acknowledgments
- Core Concepts
- Standard Information Systems Audit Approach
- Information Systems Audit Program
- Information Systems Security Policies, Standards, and/or Guidelines
- Auditing Service Organization Applications
- SERVICE AUDITOR REPORTS
- USE OF SERVICE AUDITOR REPORTS FOR INTERNAL AUDITS
- REPORT OF INDEPENDENT AUDITORS
- DESCRIPTION OF RELEVANT POLICIES AND PROCEDURES AND OTHER INFORMATION
- CONTROL OBJECTIVES AS SPECIFIED BY SERVICE ORGANIZATION MANAGEMENT
- CLIENT CONTROL CONSIDERATIONS
- ALTERNATIVES TO SAS 70–TYPE AUDITS
- NOTES
- Assessing the Financial Stability of Vendor Organizations, Examining Vendor Organization Contracts, and Examining Accounting Treatment of Computer Equipment and Software
- Physical Security
- PHYSICAL LOCKS
- SECURITY GUARDS
- VIDEO SURVEILLANCE CAMERAS
- GENERAL EMERGENCY AND DETECTION CONTROLS
- HEATING, VENTILATION, AND COOLING SYSTEMS
- INSURANCE COVERAGE
- PERIODIC BACKUPS
- EMERGENCY POWER AND UNINTERRUPTIBLE POWER SUPPLY SYSTEMS
- BUSINESS RESUMPTION PROGRAMS
- KEY ASPECTS OF AN INFORMATION SYSTEMS BUSINESS RESUMPTION PROGRAM
- BACKUP SYSTEM SECURITY ADMINISTRATOR
- NOTES
- Logical Security
- Information Systems Operations
- Contemporary Information Systems Auditing Concepts
- Control Self-Assessment and an Application in an Information Systems Environment
- Encryption and Cryptography
- Computer Forensics
- Other Contemporary Information Systems Auditing Challenges
- Humanistic Aspects of Information Systems Auditing
- Information Systems Project Management Audits
- Conclusion
- Professional Auditing Associations and Other Organizations Related to Information Systems Auditing and Computer Security
- Common Criteria for Information Technology Security Evaluation
- The International Organization for Standardization: Seven-Layer Open Systems Interconnection (OSI) Reference Model
- Selected References
- Glossary
- Index
Product information
- Title: Auditing Information Systems, Second Edition
- Author(s):
- Release date: February 2003
- Publisher(s): Wiley
- ISBN: 9780471281177