INTRODUCTION   

The dizzying pace of information systems innovation has made vast expanses of information available to organizations and the public. Often, design flaws and technical vulnerabilities bring unintended consequences, often in the form of information theft and disclosure. The result: a patchwork of laws, regulations, and standards such as Sarbanes-Oxley, the European Data Protection Directive, Gramm-Leach-Bliley, HIPAA, PCI-DSS, PIPEDA, and scores of U.S. state laws requiring public disclosure of security breaches involving private information. Through these, organizations are either required or incentivized to perform their own internal audits or undergo external audits that measure compliance in order to avoid penalties, sanctions, ...

Get CISA Certified Information Systems Auditor All-in-One Exam Guide, Third Edition, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.