book

The Basics of IT Audit

Name: The Basics of IT Audit
Author: Stephen D. Gantz
ISBN: 9780124171763

by Stephen D. Gantz

October 2013

Beginner

270 pages

8h 49m

English

Syngress

Read now

Unlock full access

Cover image
Title page
Table of Contents
Copyright
Dedication
Acknowledgments
About the Author
About the Technical Editor
Trademarks
Introduction
AbstractInformation in this chapterIntroduction to IT auditingPurpose and rationaleStructure and content

Chapter 1. IT Audit Fundamentals
Information in this chapterWhat is IT auditing?Why audit?Who gets audited?Who does IT auditing?Relevant source materialSummaryReferences
Chapter 2. Auditing in Context
Information in this chapter:IT governanceRisk managementCompliance and certificationQuality management and quality assuranceInformation security managementRelevant source materialSummaryReferences
Chapter 3. Internal Auditing
Information in this chapter:Internal audit as an organizational capabilityBenefits of internal IT auditingInternal audit challengesInternal auditorsRelevant source materialSummaryReferences
Chapter 4. External Auditing
Information in this chapter:Operational aspects of external auditsExternal IT audit drivers and rationaleExternal audit benefitsExternal audit challengesExternal auditorsRelevant source materialSummaryReferences
Chapter 5. Types of Audits
Information in this chapter:Financial auditsOperational auditsCertification auditsCompliance auditsIT-specific auditsRelevant source materialSummaryReferences
Chapter 6. IT Audit Components
Information in this chapterEstablishing the scope of IT auditsTypes of controlsAuditing different IT assetsAuditing procedural controls or processesRelevant source materialReferences
Chapter 7. IT Audit Drivers
Information in this chapter:Laws and regulationsCertification standardsOperational effectivenessQuality assurance and continuous improvementRelevant source materialSummaryReferences
Chapter 8. IT Audit Processes
Information in this chapter:Audit planningAudit performanceReporting findingsProcess life cycles and methodologiesRelevant source materialSummaryReferences
Chapter 9. Methodologies and Frameworks
Information in this chapterAudit-specific methodologies and frameworksIT governance and management frameworksGovernment-focused audit methodologiesSecurity control assessment frameworksRelevant source materialSummaryReferences
Chapter 10. Audit-Related Organizations, Standards, and Certifications
Information in this chapterNational and international perspectivesAudit-focused standards and certification organizationsOrganizations offering standards, guidance, or certifications relevant to IT auditingRelevant source materialSummaryReferences
References
AbstractReferences
Acronyms
AbstractAcronyms and abbreviations
Index

Overview

The Basics of IT Audit: Purposes, Processes, and Practical Information provides you with a thorough, yet concise overview of IT auditing. Packed with specific examples, this book gives insight into the auditing process and explains regulations and standards such as the ISO-27000, series program, CoBIT, ITIL, Sarbanes-Oxley, and HIPPA.

IT auditing occurs in some form in virtually every organization, private or public, large or small. The large number and wide variety of laws, regulations, policies, and industry standards that call for IT auditing make it hard for organizations to consistently and effectively prepare for, conduct, and respond to the results of audits, or to comply with audit requirements.

This guide provides you with all the necessary information if you're preparing for an IT audit, participating in an IT audit or responding to an IT audit.

Provides a concise treatment of IT auditing, allowing you to prepare for, participate in, and respond to the results
Discusses the pros and cons of doing internal and external IT audits, including the benefits and potential drawbacks of each
Covers the basics of complex regulations and standards, such as Sarbanes-Oxley, SEC (public companies), HIPAA, and FFIEC
Includes most methods and frameworks, including GAAS, COSO, COBIT, ITIL, ISO (27000), and FISCAM

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Auditor's Guide to IT Auditing, Second Edition

Publisher Resources

ISBN: 9780124171596

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills