Praise for Auditor's Guide to Information Systems Auditing

"Auditor's Guide to Information Systems Auditing is the most comprehensive book about auditing that I have ever seen. There is something in this book for everyone. New auditors will find this book to be their bible - reading it will enable them to learn what the role of auditors really is and will convey to them what they must know, understand, and look for when performing audits. For experienced auditors, this book will serve as a reality check to determine whether they are examining the right issues and whether they are being sufficiently comprehensive in their focus. Richard Cascarino has done a superb job."
-E. Eugene Schultz, PhD, CISSP, CISM, Chief Technology Officer and Chief Information Security Officer, High Tower Software

A step-by-step guide to successful implementation and control of information systems

More and more, auditors are being called upon to assess the risks and evaluate the controls over computer information systems in all types of organizations. However, many auditors are unfamiliar with the techniques they need to know to efficiently and effectively determine whether information systems are adequately protected. Auditor's Guide to Information Systems Auditing presents an easy, practical guide for auditors that can be applied to all computing environments. As networks and enterprise resource planning systems bring resources together, and as increasing privacy violations threaten more organizations, information systems integrity becomes more important than ever. With a complimentary student's version of the IDEA Data Analysis Software CD, Auditor's Guide to Information Systems Auditing empowers auditors to effectively gauge the adequacy and effectiveness of information systems controls.

About the Author:
RICHARD CASCARINO, MBA, CIA, CFE, CISM, has, for the last eighteen years, been providing consultancy and professional development services to clients throughout the southern African region as well as in Europe, the Middle East, and the United States. Well-known in international auditing circles as one of the most knowledgeable practitioners in the field, he is a regular speaker at international conferences and has presented courses throughout Africa, Europe, the Middle East, and the United States. He is a past president of the Institute of Internal Auditors in South Africa, was the founding regional director of the Southern African Region of the IIA-Inc., and is a member of both the Information Systems Audit and Control Association and the American Institute of Certified Fraud Examiners (South African Chapter). He is also a coauthor of Internal Auditing: An Integrated Approach.
"About this title" may belong to another edition of this book.
Description: Wiley, 2007. Hardcover. Condition: New. Bookseller reference no. DADAX0470009896
Description: Wiley, 2007. Hardcover. Condition: New. book. Bookseller reference no. 0470009896
Description: Wiley, 2007. Hardcover. Condition: New. Bookseller reference no. P110470009896
Description: Wiley. Hardcover. Condition: New. 0470009896 New Condition. Bookseller reference no. NEW4.0237867
Description: Wiley, 2007. Condition: New. Brand New, Unread Copy in Perfect Condition. A+ Customer Service! Summary: PREFACE. ABOUT THE CD. PART I. IS Audit Process. CHAPTER 1. Technology and Audit. Technology and Audit. Batch and On-Line Systems. CHAPTER 2. IS Audit Function Knowledge. Information Systems Auditing. What Is Management? Management Process. Understanding the Organization's Business. Establishing the Needs. Identifying Key Activities. Establish Performance Objectives. Decide The Control Strategies. Implement and Monitor the Controls. Executive Management's Responsibility and Corporate Governance. Audit Role. Conceptual Foundation. Professionalism within the IS Auditing Function. Relationship of Internal IS Audit to the External Auditor. Relationship of IS Audit to Other Company Audit Activities. Audit Charter. Charter Content. Outsourcing the IS Audit Activity. Regulation, Control, and Standards. CHAPTER 3. IS Risk and Fundamental Auditing Concepts. Computer Risks and Exposures. Effect of Risk. Audit and Risk. Audit Evidence. Reliability of Audit Evidence. Audit Evidence Procedures. Responsibilities for Fraud Detection and Prevention. CHAPTER 4. Standards and Guidelines for IS Auditing. IIA Standards. Code of Ethics. Advisory. Aids. Standards for the Professional Performance of Internal Auditing. ISACA Standards. ISACA Code of Ethics. COSO: Internal Control Standards. BS 7799 and ISO 17799: IT Security. NIST. BSI Baselines. CHAPTER 5. Internal Controls Concepts Knowledge. Internal Controls. Cost/Benefit Considerations. Internal Control Objectives. Types Of Internal Controls. Systems of Internal Control. Elements of Internal Control. Manual and Automated Systems. Control Procedures. Application Controls. Control Objectives and Risks. General Control Objectives. Data and Transactions Objectives. Program Control Objectives. Corporate IT Governance. CHAPTER 6. Risk Management of the IS Function. Nature of Risk. Auditing in General.
Elements of Risk Analysis. Defining the Audit Universe. Computer System Threats. Risk Management. CHAPTER 7. Audit Planning Process. Benefits of an Audit Plan. Structure of the Plan. Types of Audit. CHAPTER 8. Audit Management. Planning. Audit Mission. IS Audit Mission. Organization of the Function. Staffing. IS Audit as a Support Function. Planning. Business Information Systems. Integrated IS Auditor vs Integrated IS Audit. Auditees as Part of the Audit Team. Application Audit Tools. Advanced Systems. Specialist Auditor. IS Audit Quality Assurance. CHAPTER 9. Audit Evidence Process. Audit Evidence. Audit Evidence Procedures. Criteria for Success. Statistical Sampling. Why Sample? Judgmental (or Non-Statistical) Sampling. Statistical Approach. Sampling Risk. Assessing Sampling Risk. Planning a Sampling Application. Calculating Sample Size. Quantitative Methods. Project Scheduling Techniques. Simulations. Computer Assisted Audit Solutions. Generalized Audit Software. Application and Industry-Related Audit Software. Customized Audit Software. Information Retrieval Software. Utilities. On-Line Inquiry. Conventional Programming Languages. Microcomputer-Based Software. Test Transaction Techniques. CHAPTER 10. Audit Rep. Bookseller reference no. ABE_book_new_0470009896