Cascarino, Richard.
Auditor's guide to IT auditing / Richard E. Cascarino. - 2nd ed. - Hoboken, N.J. : Wiley, ©2012. - 1 online resource (xxvi, 426 pages). - Wiley corporate F & A series . - Wiley corporate F & A. .
Revised edition of: Auditor's guide to information systems auditing. Includes index.
Includes bibliographical references and index.
Auditor's Guide to IT Auditing; Contents; Preface; PART I: IT AUDIT PROCESS; Chapter 1: Technology and Audit; Technology and Audit; Batch and Online Systems; Electronic Data Interchange; Electronic Business; Cloud Computing; Chapter 2: IT Audit Function Knowledge; Information Technology Auditing; What Is Management?; Management Process; Understanding the Organization's Business; Establishing the Needs; Identifying Key Activities; Establish Performance Objectives; Decide the Control Strategies; Implement and Monitor the Controls; Executive Management's Responsibility and Corporate Governance. Audit Role conceptual Foundation; Professionalism within the IT Auditing Function; Relationship of Internal IT Audit to the External Auditor; Relationship of IT Audit to Other Company Audit Activities; Audit Charter; Charter Content; Outsourcing the IT Audit Activity; Regulation, Control, and Standards; Chapter 3: IT Risk and Fundamental Auditing Concepts; Computer Risks and Exposures; Effect of Risk; Audit and Risk; Audit Evidence; Conducting an IT Risk-Assessment Process; NIST SP 800 30 Framework; ISO 27005; The "Cascarino Cube"; Reliability of Audit Evidence; Audit Evidence Procedures. Responsibilities for Fraud Detection and Prevention notes; Chapter 4: Standards and Guidelines for IT Auditing; IIA Standards; Code of Ethics; Advisory; Aids; Standards for the Professional Performance of Internal Auditing; ISACA Standards; ISACA Code of Ethics; COSO: Internal Control Standards; BS 7799 and ISO 17799: IT Security; NIST; BSI Baselines; Note; Chapter 5: Internal Controls Concepts Knowledge; Internal Controls; Cost/Benefit Considerations; Internal Control Objectives; Types of Internal Controls; Systems of Internal Control; Elements of Internal Control. Manual and Automated Systems control Procedures; Application Controls; Control Objectives and Risks; General Control Objectives; Data and Transactions Objectives; Program Control Objectives; Corporate IT Governance; COSO and Information Technology; Governance Frameworks; Notes; Chapter 6: Risk Management of the IT Function; Nature of Risk; Risk-Analysis Software; Auditing in General; Elements of Risk Analysis; Defining the Audit Universe; Computer System Threats; Risk Management; Notes; Chapter 7: Audit Planning Process; Benefits of an Audit Plan; Structure of the Plan; Types of Audit. Chapter 8: Audit Management planning; Audit Mission; IT Audit Mission; Organization of the Function; Staffing; IT Audit as a Support Function; Planning; Business Information Systems; Integrated IT Auditor versus Integrated IT Audit; Auditees as Part of the Audit Team; Application Audit Tools; Advanced Systems; Specialist Auditor; IT Audit Quality Assurance; Chapter 9: Audit Evidence Process; Audit Evidence; Audit Evidence Procedures; Criteria for Success; Statistical Sampling; Why Sample?; Judgmental (or Non-Statistical) Sampling; Statistical Approach; Sampling Risk; Assessing Sampling Risk.
Step-by-step guide to successful implementation and control of IT systems & mdash; including the Cloud. Many auditors are unfamiliar with the techniques they need to know to efficiently and effectively determine whether information systems are adequately protected. Now in a Second Edition, Auditor's Guide to IT Auditing presents an easy, practical guide for auditors that can be applied to all computing environments. Follows the approach used by the Information System Audit and Control Association's model curriculum, making this book a practical approach to IS auditingServes as an excellent study gui.
9781118225844 1118225848 9781118239070 1118239075 9781119203728 1119203724
9786613618375
CL0500000173 Safari Books Online 01DC2FC5-FEE6-4823-938D-CEB22AA4134A OverDrive, Inc. http://www.overdrive.com
Electronic data processing--Auditing.
Auditing.
Computer security.
Computer systems--Auditing.
Computer science.
Business.
BUSINESS & ECONOMICS--Industrial Management.
BUSINESS & ECONOMICS--Management.
BUSINESS & ECONOMICS--Management Science.
BUSINESS & ECONOMICS--Organizational Behavior.
Auditing.
Electronic data processing--Auditing.
Electronic books.
Electronic books.
Electronic books.
QA76.9.A93 / C37 2012eb
658/.0558
Auditor's guide to IT auditing / Richard E. Cascarino. - 2nd ed. - Hoboken, N.J. : Wiley, ©2012. - 1 online resource (xxvi, 426 pages). - Wiley corporate F & A series . - Wiley corporate F & A. .
Revised edition of: Auditor's guide to information systems auditing. Includes index.
Includes bibliographical references and index.
Auditor's Guide to IT Auditing; Contents; Preface; PART I: IT AUDIT PROCESS; Chapter 1: Technology and Audit; Technology and Audit; Batch and Online Systems; Electronic Data Interchange; Electronic Business; Cloud Computing; Chapter 2: IT Audit Function Knowledge; Information Technology Auditing; What Is Management?; Management Process; Understanding the Organization's Business; Establishing the Needs; Identifying Key Activities; Establish Performance Objectives; Decide the Control Strategies; Implement and Monitor the Controls; Executive Management's Responsibility and Corporate Governance. Audit Role conceptual Foundation; Professionalism within the IT Auditing Function; Relationship of Internal IT Audit to the External Auditor; Relationship of IT Audit to Other Company Audit Activities; Audit Charter; Charter Content; Outsourcing the IT Audit Activity; Regulation, Control, and Standards; Chapter 3: IT Risk and Fundamental Auditing Concepts; Computer Risks and Exposures; Effect of Risk; Audit and Risk; Audit Evidence; Conducting an IT Risk-Assessment Process; NIST SP 800 30 Framework; ISO 27005; The "Cascarino Cube"; Reliability of Audit Evidence; Audit Evidence Procedures. Responsibilities for Fraud Detection and Prevention notes; Chapter 4: Standards and Guidelines for IT Auditing; IIA Standards; Code of Ethics; Advisory; Aids; Standards for the Professional Performance of Internal Auditing; ISACA Standards; ISACA Code of Ethics; COSO: Internal Control Standards; BS 7799 and ISO 17799: IT Security; NIST; BSI Baselines; Note; Chapter 5: Internal Controls Concepts Knowledge; Internal Controls; Cost/Benefit Considerations; Internal Control Objectives; Types of Internal Controls; Systems of Internal Control; Elements of Internal Control. Manual and Automated Systems control Procedures; Application Controls; Control Objectives and Risks; General Control Objectives; Data and Transactions Objectives; Program Control Objectives; Corporate IT Governance; COSO and Information Technology; Governance Frameworks; Notes; Chapter 6: Risk Management of the IT Function; Nature of Risk; Risk-Analysis Software; Auditing in General; Elements of Risk Analysis; Defining the Audit Universe; Computer System Threats; Risk Management; Notes; Chapter 7: Audit Planning Process; Benefits of an Audit Plan; Structure of the Plan; Types of Audit. Chapter 8: Audit Management planning; Audit Mission; IT Audit Mission; Organization of the Function; Staffing; IT Audit as a Support Function; Planning; Business Information Systems; Integrated IT Auditor versus Integrated IT Audit; Auditees as Part of the Audit Team; Application Audit Tools; Advanced Systems; Specialist Auditor; IT Audit Quality Assurance; Chapter 9: Audit Evidence Process; Audit Evidence; Audit Evidence Procedures; Criteria for Success; Statistical Sampling; Why Sample?; Judgmental (or Non-Statistical) Sampling; Statistical Approach; Sampling Risk; Assessing Sampling Risk.
Step-by-step guide to successful implementation and control of IT systems & mdash; including the Cloud. Many auditors are unfamiliar with the techniques they need to know to efficiently and effectively determine whether information systems are adequately protected. Now in a Second Edition, Auditor's Guide to IT Auditing presents an easy, practical guide for auditors that can be applied to all computing environments. Follows the approach used by the Information System Audit and Control Association's model curriculum, making this book a practical approach to IS auditingServes as an excellent study gui.
9781118225844 1118225848 9781118239070 1118239075 9781119203728 1119203724
9786613618375
CL0500000173 Safari Books Online 01DC2FC5-FEE6-4823-938D-CEB22AA4134A OverDrive, Inc. http://www.overdrive.com
Electronic data processing--Auditing.
Auditing.
Computer security.
Computer systems--Auditing.
Computer science.
Business.
BUSINESS & ECONOMICS--Industrial Management.
BUSINESS & ECONOMICS--Management.
BUSINESS & ECONOMICS--Management Science.
BUSINESS & ECONOMICS--Organizational Behavior.
Auditing.
Electronic data processing--Auditing.
Electronic books.
Electronic books.
Electronic books.
QA76.9.A93 / C37 2012eb
658/.0558