Auditor's guide to IT auditing /
Step-by-step guide to successful implementation and control of IT systems & mdash; including the Cloud. Many auditors are unfamiliar with the techniques they need to know to efficiently and effectively determine whether information systems are adequately protected. Now in a Second Edition, Audit...
| Κύριος συγγραφέας: | |
|---|---|
| Μορφή: | Ηλ. βιβλίο |
| Γλώσσα: | English |
| Έκδοση: |
Hoboken, N.J. :
Wiley,
[2012]
|
| Έκδοση: | 2nd ed. |
| Σειρά: | Wiley corporate F & A.
|
| Θέματα: | |
| Διαθέσιμο Online: | Full Text via HEAL-Link |
Πίνακας περιεχομένων:
- Auditor's Guide to IT Auditing; Contents; Preface; PART I: IT AUDIT PROCESS; Chapter 1: Technology and Audit; Technology and Audit; Batch and Online Systems; Electronic Data Interchange; Electronic Business; Cloud Computing; Chapter 2: IT Audit Function Knowledge; Information Technology Auditing; What Is Management?; Management Process; Understanding the Organization's Business; Establishing the Needs; Identifying Key Activities; Establish Performance Objectives; Decide the Control Strategies; Implement and Monitor the Controls; Executive Management's Responsibility and Corporate Governance.
- Audit Role conceptual Foundation; Professionalism within the IT Auditing Function; Relationship of Internal IT Audit to the External Auditor; Relationship of IT Audit to Other Company Audit Activities; Audit Charter; Charter Content; Outsourcing the IT Audit Activity; Regulation, Control, and Standards; Chapter 3: IT Risk and Fundamental Auditing Concepts; Computer Risks and Exposures; Effect of Risk; Audit and Risk; Audit Evidence; Conducting an IT Risk-Assessment Process; NIST SP 800 30 Framework; ISO 27005; The "Cascarino Cube"; Reliability of Audit Evidence; Audit Evidence Procedures.
- Responsibilities for Fraud Detection and Prevention notes; Chapter 4: Standards and Guidelines for IT Auditing; IIA Standards; Code of Ethics; Advisory; Aids; Standards for the Professional Performance of Internal Auditing; ISACA Standards; ISACA Code of Ethics; COSO: Internal Control Standards; BS 7799 and ISO 17799: IT Security; NIST; BSI Baselines; Note; Chapter 5: Internal Controls Concepts Knowledge; Internal Controls; Cost/Benefit Considerations; Internal Control Objectives; Types of Internal Controls; Systems of Internal Control; Elements of Internal Control.
- Manual and Automated Systems control Procedures; Application Controls; Control Objectives and Risks; General Control Objectives; Data and Transactions Objectives; Program Control Objectives; Corporate IT Governance; COSO and Information Technology; Governance Frameworks; Notes; Chapter 6: Risk Management of the IT Function; Nature of Risk; Risk-Analysis Software; Auditing in General; Elements of Risk Analysis; Defining the Audit Universe; Computer System Threats; Risk Management; Notes; Chapter 7: Audit Planning Process; Benefits of an Audit Plan; Structure of the Plan; Types of Audit.
- Chapter 8: Audit Management planning; Audit Mission; IT Audit Mission; Organization of the Function; Staffing; IT Audit as a Support Function; Planning; Business Information Systems; Integrated IT Auditor versus Integrated IT Audit; Auditees as Part of the Audit Team; Application Audit Tools; Advanced Systems; Specialist Auditor; IT Audit Quality Assurance; Chapter 9: Audit Evidence Process; Audit Evidence; Audit Evidence Procedures; Criteria for Success; Statistical Sampling; Why Sample?; Judgmental (or Non-Statistical) Sampling; Statistical Approach; Sampling Risk; Assessing Sampling Risk.
