It Auditing Defined
Download It Auditing Defined PDF/ePub or read online books in Mobi eBooks. Click Download or Read Online button to get It Auditing Defined book now. This website allows unlimited access to, at the time of writing, more than 1.5 million titles, including hundreds of thousands of titles in various foreign languages.
It Auditing - Defined
IT Auditing Defined will allow readers to grasp the key concepts of Information Technology Auditing and its many facets. It aims to deliver significant experience to an individual who is interested in learning more about the "Execution" of performing IT Audits within the federal space and preparing a Federal Agency for an external audit. It walks through the basics of Planning and Scoping, Test of Design, Test of Effectiveness, Workpaper documentation, NFR preparation, and communication with upper management in order to remediate control gaps.
IT Auditing: Using Controls to Protect Information Assets
Author: Chris Davis
language: en
Publisher: McGraw Hill Professional
Release Date: 2007-01-12
Protect Your Systems with Proven IT Auditing Strategies "A must-have for auditors and IT professionals." -Doug Dexter, CISSP-ISSMP, CISA, Audit Team Lead, Cisco Systems, Inc. Plan for and manage an effective IT audit program using the in-depth information contained in this comprehensive resource. Written by experienced IT audit and security professionals, IT Auditing: Using Controls to Protect Information Assets covers the latest auditing tools alongside real-world examples, ready-to-use checklists, and valuable templates. Inside, you'll learn how to analyze Windows, UNIX, and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus, you'll get up-to-date information on legal standards and practices, privacy and ethical issues, and the CobiT standard. Build and maintain an IT audit function with maximum effectiveness and value Implement best practice IT audit processes and controls Analyze UNIX-, Linux-, and Windows-based operating systems Audit network routers, switches, firewalls, WLANs, and mobile devices Evaluate entity-level controls, data centers, and disaster recovery plans Examine Web servers, platforms, and applications for vulnerabilities Review databases for critical controls Use the COSO, CobiT, ITIL, ISO, and NSA INFOSEC methodologies Implement sound risk analysis and risk management practices Drill down into applications to find potential control weaknesses