IT Auditing Using Controls to Protect Information Assets, Third Edition

 Secure Your Systems Using the Latest IT Auditing Techniques

fully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Third Edition, explains, step by step, how to implement a successful, enterprise-wide IT audit program. New chapters on auditing cybersecurity programs, big data and data repositories, and new technologies are included. This comprehensive guide describes how to assemble an effective IT audit team and maximize the value of the IT audit function. In-depth details on performing specific audits are accompanied by real-world examples, ready-to-use checklists, and valuable templates. Standards, frameworks, regulations, and risk management techniques are also covered in this definitive resource.

   build and maintain an internal it audit function with maximum effectiveness and value
   Audit entity-level controls and cybersecurity programs
   Assess data centers and disaster recovery
   Examine switches, routers, and firewalls
   Evaluate Windows, UNIX, and Linux operating systems
   Audit Web servers and applications
   Analyze databases and storage solutions
   Review big data and data repositories
   Assess end user computer devices, including PCs and mobile devices
   Audit virtualized environments
   Evaluate risks associated with cloud computing and outsourced operations
   Drill down into applications and projects to find potential control weaknesses
   Learn best practices for auditing new technologies
   Use standards and frameworks, such as COBIT, ITIL, and ISO
   Understand regulations, including Sarbanes-Oxley, HIPAA, and PCI
   Implement proven risk management practices