- Shopping Bag ( 0 items )
The tools, guidelines, and procedures that IS auditors need
Auditing Information Systems, Second Edition, explains clearly how to audit the controls and security over all types of information systems environments. The concepts and techniques in the book enable auditors, information security professionals, managers, and audit committee members of every knowledge and skill level to truly understand whether or not their computing systems are safe. The book provides a detailed examination of contemporary auditing issues such as:
Auditing Information Systems, Second Edition gives auditing professionals the tools they need to get their job done right. It is a must-have reference for any auditor’s library.
PART ONE: CORE CONCEPTS.
Chapter 1. Basics of Computing Systems.
Chapter 2. Identifying Computer Systems.
PART TWO: STANDARD INFORMATION SYSTEMS AUDIT APPROACH.
Chapter 3. Information Systems Audit Program.
Chapter 4. Information Systems Security Policies, Standards, and/or Guidelines.
Chapter 5. Auditing Service Organization Applications.
Chapter 6. Assessing the Financial Stability of Vendor Organizations, Examining Vendor Organization Contracts, and Examining Accounting Treatment of Computer Equipment and Software.
Chapter 7. Physical Security.
Chapter 8. Logical Security.
Chapter 9. Information Systems Operations.
PART THREE: CONTEMPORARY INFORMATION SYSTEMS AUDITING CONCEPTS.
Chapter 10. Control Self-Assessment and an Application in an Information Systems Environment.
Chapter 11. Encryption and Cryptography.
Chapter 12. Computer Forensics.
Chapter 13. Other Contemporary Information Systems Auditing Challenges.
Chapter 14. Humanistic Aspects of Information Systems Auditing.
Chapter 15. Information Systems Project Management Audits.
Chapter 16. Conclusion.
Appendix A: Professional Auditing Associations and Other Organizations Related to Information Systems Auditing and Computer Security.
Appendix B: Common Criteria for Information Technology Security Evaluation.
Appendix C: The International Organization for Standardization: Seven-Layer Open Systems Interconnection Reference Model.