Top
Free Shipping On Orders Over $35!
Get Rewarded for Ordering Your Textbooks! Enroll Now
Customer Reviews Read Reviews
Write a Review
What is included with this book?
| Introduction | |
| Auditing Internal Controls in an IT Environment | |
| SOx and the COSO Internal Controls Framework | |
| Roles and Responsibilities of IT Auditors | |
| Importance of Effective Internal Controls and COSO | |
| COSO Internal Control Systems Monitoring Guidance | |
| Sarbanes-Oxley Act | |
| Wrapping It Up: COSO Internal Controls and Sox | |
| Notes | |
| Using CobiT to Perform IT Audits | |
| Introduction to CobiT | |
| CobiT Framework | |
| Using CobiT to Assess Internal Controls | |
| Using CobiT in a SOx Environment | |
| CobiT Assurance Framework Guidance | |
| CobiT in Perspective | |
| Notes | |
| IIA and ISACA Standards for the Professional Practice of Internal Auditing | |
| Internal Auditing's International Professional Practice Standards | |
| Content of the IPPF and the IIA International Standards | |
| Strongly Recommended IIA Standards Guidance | |
| ISACA IT Auditing Standards Overview | |
| Codes of Ethics: The IIA and ISACA | |
| Notes | |
| Understanding Risk Management Through COSO ERM | |
| Risk Management Fundamentals | |
| Quantitative Risk Analysis Techniques | |
| IIA and ISACA Risk Management Internal Audit Guidance | |
| COSO ERM: Enterprise Risk Management | |
| IT Audit Risk and COSO ERM | |
| Notes | |
| Performing Effective IT Audits | |
| IT Audit and the Enterprise Internal Audit Function | |
| Organizing and Planning IT Audits | |
| Developing and Preparing Audit Programs | |
| Gathering Audit Evidence and Testing Results | |
| Workpapers and Reporting IT Audit Results | |
| Preparing Effective IT Audits | |
| Notes | |
| Auditing IT General Controls | |
| General Controls in Today's IT Environments | |
| Importance of IT General Controls | |
| IT Governance General Controls | |
| IT Management General Controls | |
| IT Technical Environment General Controls | |
| Notes | |
| Infrastructure Controls and ITIL Service Management Best Practices | |
| ITIL Service Management Best Practices | |
| ITIL's Service Strategies Component | |
| ITIL Service Design | |
| ITIL Service Transition Management Processes | |
| ITIL Service Operation Processes | |
| Service Delivery Best Practices | |
| Auditing IT Infrastructure Management | |
| Notes | |
| Systems Software and IT Operations General Controls | |
| IT Operating System Fundamentals | |
| Features of a Computer Operating System | |
| Other Systems Software Tools | |
| Notes | |
| Evolving Control Issues: Wireless Networks, Cloud Computing, and Virtualization | |
| Understanding and Auditing IT Wireless Networks | |
| Understanding Cloud Computing | |
| Storage Management Virtualization | |
| Notes | |
| Auditing and Testing IT Application Controls | |
| Selecting, Testing, and Auditing IT Applications | |
| IT Application Control Elements | |
| Selecting Applications for IT Audit Reviews | |
| Performing an Applications Controls Reviews: Preliminary Steps | |
| Completing the IT Applications Controls Audit | |
| Application Review Case Study: Client-Server Budgeting System | |
| Auditing Applications Under Development | |
| Importance of Reviewing IT Applicatio Controls | |
| Notes | |
| Software Engineering and CMMi | |
| Software Engineering Concepts | |
| CMMi: Capability Maturity Model for Integration | |
| CMMi Benefits | |
| IT Audit, Internal Control, and CMMi | |
| Notes | |
| Auditing Service-Oriented Architectures and Record Management Processes | |
| Service-Oriented Computing and Service-Driven Applications | |
| IT Auditing in SOA Environments | |
| Electronic Records Management Internal Control Issues and Risks | |
| IT Audits of Electronic Records Management Processes | |
| Notes | |
| Computer-Assisted Audit Tools and Techniques | |
| Understanding Computer-Assisted Audit Tools and Techniques | |
| Determining the Need for CAATTs | |
| CAATT Software Tools | |
| Steps to Building Effective CAATTs | |
| Importance of CAATTs for Audit Evidence Gathering | |
| Notes | |
| Continuous Assurance Auditing, OLAP and XBRL | |
| Implementing Continuous Assurance Auditing | |
| Benefits of Continuous Assurance Auditing Tools | |
| Data Warehouses, Data Mining, and OLAP | |
| XBRL: The Internet-Based Extensible Marking Language | |
| Newer Technologies, the Continuous Close, and IT audit | |
| Notes | |
| Importance of IT Governance | |
| IT Controls and the Audit Committee. | |
| Role of the Audit Committee for IT Auditors | |
| Audit Committee Approval of Internal Audit Plans and Budgets | |
| Audit Committee Briefings on IT Audit Issues | |
| Audit Committee Review and Action on Significant IT Audit Findings | |
| IT Audit and the Audit Committee | |
| Val IT, Portfolio Management, and Project Management | |
| Val IT: Enhancing the Value of IT Investments | |
| IT Systems Portfolio and Program Management | |
| Project Management for IT Auditors | |
| Notes | |
| Compliance with IT-Related Laws and Regulations | |
| Computer Fraud and Abuse Act | |
| Computer Security Act of 1987 | |
| Gramm - Leach - Bliley Act | |
| HIPAA: Healthcare and Much More | |
| Other Personal Privacy and Security Legislative Requirements | |
| IT-Related Laws, Regulations, and Audit Standards | |
| Understanding and Reviewing Compliance with ISO Standards | |
| Background and Importance of ISO Standards in a Global Commerce World | |
| ISO Standards Overview | |
| ISO 19011 Quality Management Systems Auditing | |
| ISO Standards and IT Auditors | |
| Notes | |
| IT Security Environment CONTROLS | |
| Generally Accepted Security Standards | |
| Effective IT Perimeter Security | |
| Establishing an Effective, Enterprise-Wide Security Strategy | |
| Best Practices for It Audit and Security | |
| Notes | |
| Cyber-Security and Privacy Controls | |
| IT Network Security Fundamentals | |
| IT Systems Privacy Concerns | |
| PCI-DSS Fundamentals | |
| Auditing IT Security and Privacy | |
| Security and Privacy in the IT Audit Department | |
| Notes | |
| IT Fraud Detection and Prevention. | |
| Understanding and Recognizing Fraud in an IT Environment | |
| Red Flags: Fraud Detection Signs for IT and other Internal Auditors | |
| Public Accounting's Role in Fraud Detection | |
| IIA Standards and ISACA Materials for Detecting and Investigating Fraud | |
| IT Audit Fraud Risk Assessments | |
| IT Audit Fraud Investigations | |
| IT Fraud Prevention Processes | |
| Fraud Detection and the IT Auditor | |
| Notes | |
| Identity and Access Management | |
| Importance of Identity and Access Management | |
| Identity Management Processes | |
| Separation of Duties Identify Management Controls | |
| Access Management Provisioning | |
| Authentication and Authorization | |
| Auditing Identity and Access Management Processes | |
| Notes | |
| Establishing Effective IT Disaster Recovery Processes | |
| IT Disaster and Business Continuity Planning Today | |
| Building and Auditing an IT Disaster Recovery Plan | |
| Building the IT Disaster Recovery Plan | |
| Disaster Recovery Planning and Service Level Agreements | |
| Newer Disaster Recovery Plan Technologies: Data Mirroring Techniques | |
| Auditing Business Continuity Plans | |
| Disaster Recovery and Business Continuity Planning Going Forward | |
| Notes | |
| Electronic Archiving and Data Retention | |
| Elements of a Successful Electronic Records Management Process | |
| Electronic Documentation Standards | |
| Implementing Electronic IT Data Archiving | |
| Auditing Electronic Document Retention and Archival Processes | |
| Notes | |
| Business Continuity Management and BS 25999 | |
| IT Business Continuity Management Planning Needs Today | |
| BS 25999 Good Practice Guidelines | |
| Auditing BCM Processes | |
| Linking the BCM with Other Standards and Processes | |
| Notes | |
| Auditing Telecommunications and IT Communications Networks | |
| Network Security Concepts | |
| Effective IT Network Security Controls | |
| Auditing a VPN Installation | |
| Notes | |
| Change and Patch Management Controls | |
| IT Change Management Processes | |
| Auditing IT Change and Patch Management Controls | |
| Notes | |
| Six Sigma and Lean Technologies | |
| Six Sigma Background and Concepts | |
| Implementing Six Sigma | |
| Lean Six Sigma | |
| Notes | |
| Building an Effective IT Internal Audit function | |
| Establishing an IT Internal Audit Function | |
| Internal Audit Charter: An Important IT Audit Authorization | |
| Role of the Chief Audit Executive | |
| IT Audit Specialists | |
| IT Audit Managers and Supervisors | |
| Internal and IT Audit Policies and Procedures | |
| Organizing an Effective IT Audit Function | |
| Importance of a Strong IT Audit Function | |
| Notes | |
| Professional Certifications: CISA, CIA, and More | |
| Certified Information Systems Auditor Credentials | |
| Certified Information Security Manager Credentials | |
| Certificate in the Governance of Enterprise IT | |
| Certified Internal Auditor Responsibilities and Requirements | |
| Beyond the CIA: Other IIA Certifications | |
| CISSP Information Systems Security Professional Certification | |
| Certified Fraud Examiner Certification | |
| ASQ Internal Audit Certifications | |
| Other Internal Auditor Certifications | |
| Notes | |
| Quality Assurance Auditing and ASQ Standards | |
| Duties and Responsibilities of Quality Auditors | |
| Role of the Quality Auditor | |
| Performing ASQ Quality Audits | |
| Quality Assurance Reviews of IT Audit Functions | |
| Future Directions for Quality Assurance Auditing | |
| Notes | |
| About the Author | |
| Index | |
| Table of Contents provided by Publisher. All Rights Reserved. |
The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.
Need Help? Copyright © 1999-2024