9780071742382

IT Auditing Using Controls to Protect Information Assets, 2nd Edition

by ; ;
  • ISBN13:

    9780071742382

  • ISBN10:

    0071742387

  • Edition: 2nd
  • Format: Paperback
  • Copyright: 1/31/2011
  • Publisher: McGraw-Hill Education

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping On Orders Over $59!
    Your order must be $59 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • Get Rewarded for Ordering Your Textbooks! Enroll Now
  • We Buy This Book Back!
    In-Store Credit: $2.10
    Check/Direct Deposit: $2.00
List Price: $72.00 Save up to $18.24
  • Rent Book $54.00
    Add to Cart Free Shipping

    TERM
    PRICE
    DUE

Supplemental Materials

What is included with this book?

  • The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
  • The Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Summary

Secure Your Systems Using the Latest IT Auditing Techniques Fully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Second Edition, explains, step by step, how to implement a successful, enterprise-wide IT audit program. New chapters on auditing cloud computing, outsourced operations, virtualization, and storage are included. This comprehensive guide describes how to assemble an effective IT audit team and maximize the value of the IT audit function. In-depth details on performing specific audits are accompanied by real-world examples, ready-to-use checklists, and valuable templates. Standards, frameworks, regulations, and risk management techniques are also covered in this definitive resource. Build and maintain an internal IT audit function with maximum effectiveness and value Audit entity-level controls, data centers, and disaster recovery Examine switches, routers, and firewalls Evaluate Windows, UNIX, and Linux operating systems Audit Web servers and applications Analyze databases and storage solutions Assess WLAN and mobile devices Audit virtualized environments Evaluate risks associated with cloud computing and outsourced operations Drill down into applications to find potential control weaknesses Use standards and frameworks, such as COBIT, ITIL, and ISO Understand regulations, including Sarbanes-Oxley, HIPAA, and PCI Implement proven risk management practices

Author Biography

Author Profiles
Chris Davis, CISA, CISSP, CCNP served as a senior IT auditor for Texas Instruments, where he worked on worldwide teams in security architecture, design and product management. Mr. Davis has trained and presented in information security, advanced computer forensic analysis, and hardware security design for corporate and government organizations and conferences. He actively teaches auditing and certification curriculum for Southern Methodist University.

Mike Schiller, CISA (Dallas, TX), has 15 years of experience in the IT audit field, most recently as the worldwide IT Audit Manager at Texas Instruments (TI).

Kevin Wheeler, CISSP, CISA, NSA IAM/IEM (Carrollton, TX), is the Founder and CEO of InfoDefense, an information security consultancy.

Table of Contents

Part I: Audit Overview; Chapter 1. Building an Effective Internal IT Audit Function; Chapter 2. The Audit Process; Part II: Auditing Techniques; Chapter 3. Auditing Entity-Level Controls; Chapter 4. Auditing Data Centers and Disaster Recovery; Chapter 5. Auditing Routers, Switches, and Firewalls; Chapter 6. Auditing Windows Operating Systems; Chapter 7. Auditing Unix and Linux Operating Systems; Chapter 8. Auditing Web Servers and Web Applications; Chapter 9. Auditing Databases; Chapter 10. Auditing Storage; Chapter 11. Auditing Virtualized Environments; Chapter 12. Auditing WLAN and Mobile Devices; Chapter 13. Auditing Applications; Chapter 14. Auditing Cloud Computing and Outsourced Operations; Chapter 15. Auditing Company Projects; Part III: Frameworks, Standards, and Regulations; Chapter 16. Frameworks and Standards; Chapter 17. Regulations; Chapter 18. Risk Management; Index

Rewards Program

Write a Review