did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9781420086171

IT Auditing and Sarbanes-Oxley Compliance: Key Strategies for Business Improvement

by ;
  • ISBN13:

    9781420086171

  • ISBN10:

    1420086170

  • Format: Hardcover
  • Copyright: 2008-10-29
  • Publisher: Auerbach Public

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

List Price: $135.00 Save up to $88.62
  • Rent Book $85.05
    Add to Cart Free Shipping Icon Free Shipping

    TERM
    PRICE
    DUE
    USUALLY SHIPS IN 3-5 BUSINESS DAYS
    *This item is part of an exclusive publisher rental program and requires an additional convenience fee. This fee will be reflected in the shopping cart.

Supplemental Materials

What is included with this book?

Summary

Information technology auditing and Sarbanes-Oxley compliance have several overlapping characteristics. They both require ethical accounting practices, focused auditing activities, a functioning system of internal control, and a close watch by the board's audit committee and CEO. Written as a contribution to the accounting and auditing professions as well as to IT practitioners, IT Auditing and Sarbanes-Oxley Compliance:Key Strategies for Business Improvementlinks these two key business strategies and explains how to perform IT auditing in a comprehensive and strategic manner. Based on 46 years of experience as a consultant to the boards of major corporations in manufacturing and banking, the author addresses objectives, practices, and business opportunities expected from auditing information systems. Topics discussed include the concept of internal control, auditing functions, internal and external auditors, and the responsibilities of the board of directors.Thebook uses several case studies to illustrate and clarify the material. Its chapters analyze the underlying reasons for failures in IT projects and how they can be avoided, examine critical technical questions concerning information technology, discuss problems related to system reliability and response time, and explore issues of compliance.The book concludes by presenting readers with a 'œwhat if' scenario. If Sarbannes-Oxley legislation had passed the U.S. Congress in the late 1990s or even 2000, how might this have influenced the financial statements of Enron and Worldcom? We can never truly know the answer, but if companies make use of the procedures in this book, debacles such as these ' and those which led to the 2007-2008 credit and banking crisis ' will remain a distant memory.

Table of Contents

Prefacep. ix
About the Authorp. xv
Acknowledgmentsp. xvii
Management Control
Internal Control and Information Technologyp. 3
Internal Control Definedp. 3
Internal Control and Service Sciencep. 6
The Proverbial Long, Hard Lookp. 9
Classical and New Internal Controlsp. 13
Deficiencies and Conflicts in Internal Controlp. 16
Internal Control Is IT's Current Frontierp. 18
The Audit of Advanced IT Operationsp. 20
Case Studies on Internal Control's Contributionp. 25
Internal Control and Operational Riskp. 25
Monitoring Functions of Internal Controlp. 29
The Critical Role of Experimentationp. 31
Use of Threat Curves in ITp. 35
Design Review as an Internal Control Methodp. 38
Internal Control and System Specificationsp. 41
The Added Value of Prototypingp. 43
Auditing Functionsp. 47
Purpose of Auditingp. 47
Qualification of Auditors and Audit Standardsp. 50
Transparency in Financial Reportingp. 52
The Sarbanes-Oxley Act and Its Aftereffectsp. 56
The Auditor's Independence of Opinionp. 60
Auditing the Bank's Internal Control: A Case Studyp. 63
Audit Reports and Audit Trailsp. 66
Internal and External Auditp. 69
Auditing Responsibilities Prescribed by Regulatory Agenciesp. 69
Structure and Standards of Internal Auditp. 72
Internal Audit Functionsp. 75
Failures in Auditing Internal Controlp. 77
Outsourcing Internal Auditp. 80
External Audit Functionsp. 82
Unqualified and Qualified Reports by External Auditorsp. 84
Challenging the Dominance of the Big Fourp. 88
The Board's Accountability for Auditp. 91
Membership of the Board of Directorsp. 91
Legal Responsibilities of Board Members and Senior Managementp. 93
Committees of the Boardp. 96
The Corporate Governance and Nominating Committeep. 98
The Audit Committeep. 100
Situations That Escaped the Audit Committee's Watchp. 102
Cultural Changep. 105
Case Studies on Auditing a Company's Information Technology
Auditing the Information Technology Functionsp. 111
Snapshots of IT Auditsp. 111
Tuning the IT Audit to Regulatory Requirementsp. 114
Procedure of an IT Auditp. 117
Why IT Audit Impacts a Firm's Technologyp. 119
Auditing Fraud Casesp. 122
Auditing Technology Riskp. 124
Auditing the Overall System Conceptp. 127
Testing Existing Auditing Proceduresp. 128
Auditing IT's Legal Riskp. 131
Strategic IT Auditing: A Case Studyp. 135
Goal of a Strategic Auditp. 135
Strategic Analysis of the Bank's Businessp. 138
Snapshot of IT's Status Quop. 143
What Bank Executives Thought of IT Support They Receivedp. 145
High Back-Office Costs, Low Marketing Punch, and Treasury Department Woesp. 148
Conversion Problems Created by Legacy ITp. 150
Database Culture and Software Developmentp. 153
Conclusion: A Lopsided System Designp. 155
A Constructive View: Suggestions for IT Restructuringp. 157
Capitalizing on the Strengths of the Institutionp. 157
Opportunities and Problems of Strategic Planningp. 160
A New Technology Strategyp. 162
Bringing High Tech to the CEO and the Professionalsp. 165
Improving Internal Control over ITp. 168
Instituting a Risk-Management Systemp. 171
Return on Investment and the Technology Budgetp. 174
Profit Center Organization and Internal Billingp. 176
A Broader Perspective of IT Auditingp. 181
IT Projects That Never Reach Their Goalsp. 181
Why Has the Project Not Been Completed?p. 184
The Fall of a State-of-the-Art Project in Transaction Managementp. 188
Mismanagement of Client Accounts Revealed by an Auditp. 191
Wrong Approach to Risk Control: Too Much Manual Workp. 194
Auditing the Models for Market-Risk Exposurep. 198
Technical Examples in Auditing it Functions
Auditing IT Response Time and Reliabilityp. 203
Qualifications for Auditing Specific Technical Issuesp. 203
System Response Timep. 206
System Expansion Factorp. 208
User Activity and the Cost of Turnaround Timep. 210
Auditing Interactive Systemsp. 214
Auditing System Reliabilityp. 217
The Investigation of Reasons for Unreliabilityp. 219
Auditing Operational Readinessp. 221
Auditing the Security Systemp. 225
Information Security and the IT Auditorp. 225
Auditing Security Managementp. 227
Physical Securityp. 230
Logical Securityp. 231
How Safe Is Network Security?p. 234
Information Security in Cyberspace-The Small Fryp. 236
Information Security in Cyber Warfare-The Big Stuffp. 239
The Auditor's Target in Network Securityp. 241
Auditing Software Securityp. 244
Can it Help in Compliance? The Case of Sox
Sarbanes-Oxley Compliance and IT's Contributionp. 251
Compliance Definedp. 251
Beyond Compliance with the Sarbanes-Oxley Actp. 254
Both Regulation and Management Watch Should Be Proactivep. 257
SOX Is a Friend of Business, Not a Foep. 259
The Fear of the Policeman Is Greater than the Fear of ITp. 262
Contribution to Compliance of the Corporate Memory Facilityp. 265
The Contribution of Knowledge Engineeringp. 268
Why Knowledge Artifacts Are a Major Advance in ITp. 271
What If: Backtesting Sarbanes-Oxleyp. 275
The Concept Underpinning Case Studies and What-If Scenariosp. 275
Replaying the Enron Scandal under SOXp. 277
The Worst Continued to Worsenp. 279
Ignorance as a Way of Running a Big Firmp. 281
Modern Financial Alchemy: Prepaysp. 284
Credit Insurance, Surety Bonds, and Out-of-Court Settlementp. 288
Sarbanes-Oxley and the WorldCom Scandalp. 291
The Contribution of the Sarbanes-Oxley Act to the American Economyp. 293
Indexp. 297
Table of Contents provided by Ingram. All Rights Reserved.

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program