Skip to Main Content
IT Auditing Using Controls to Protect Information Assets, 2nd Edition, 2nd Edition
book

IT Auditing Using Controls to Protect Information Assets, 2nd Edition, 2nd Edition

by Chris Davis, Mike Schiller, Kevin Wheeler
February 2011
Intermediate to advanced content levelIntermediate to advanced
512 pages
15h 37m
English
McGraw-Hill
Content preview from IT Auditing Using Controls to Protect Information Assets, 2nd Edition, 2nd Edition

CHAPTER 3Auditing Entity-Level Controls

In this chapter we will discuss how to audit entity-level controls, which are pervasive across an organization. We will be discussing the auditing of information technology (IT) areas such as

• Strategic planning and technology roadmaps

• Performance indicators and metrics

• Project approval and monitoring processes

• Policies, standards, and procedures

• Employee management

• Asset and capacity management

• System configuration change management

Background

Because entity-level controls are pervasive across an organization, you can audit them once and feel confident that you have covered the topic for the whole company. This chapter discusses areas that the auditor should expect to see centralized in an ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Legal and Privacy Issues in Information Security, 3rd Edition

Legal and Privacy Issues in Information Security, 3rd Edition

Joanna Lyn Grama
Auditing IT Infrastructures for Compliance, 3rd Edition

Auditing IT Infrastructures for Compliance, 3rd Edition

Robert Johnson, Marty Weiss, Michael G. Solomon

Publisher Resources

ISBN: 9780071742382