Auditing IT Infrastructures for Compliance, 3rd Edition

What Is the Difference Between Information System and Information Security Compliance?

The Institute of Internal Auditors (IIA) is considered the gold standard for establishing professional practices guidance for auditors. The IIA defines an internal audit as “an independent, objective assurance and consulting activity designed to add value and improve an organization's operations.” In context to auditing the IT infrastructure, it could be considered as providing reasonable assurance to management that the IT controls are complete and working effectively.

The terms assurance and consulting are used in the IIA definition. Assurance is a traditional term often used to describe a very formal audit.

An assurance audit will typically examine controls ...

Get Auditing IT Infrastructures for Compliance, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Auditing IT Infrastructures for Compliance, 3rd Edition by Robert Johnson, Marty Weiss, Michael G. Solomon

What Is the Difference Between Information System and Information Security Compliance?

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly