IT Auditing: Using Controls to Protect Information Assets, 1st Edition, by Chris Davis, Mike Schiller, Kevin Wheeler. ISBN 0072263431, 9780072263435
Product details:
ISBN 10: 0072263431
ISBN 13: 9780072263435
Author: Chris Davis, Mike Schiller, Kevin Wheeler
Protect Your Systems with Proven IT Auditing Strategies
‘A must-have for auditors and IT professionals.’ -Doug Dexter, CISSP-ISSMP, CISA, Audit Team Lead, Cisco Systems, Inc.
Plan for and manage an effective IT audit program using the in-depth information contained in this comprehensive resource. Written by experienced IT audit and security professionals, IT Auditing: Using Controls to Protect Information Assets covers the latest auditing tools alongside real-world examples, ready-to-use checklists, and valuable templates. Inside, you’ll learn how to analyze Windows, UNIX, and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus, you’ll get up-to-date information on legal standards and practices, privacy and ethical issues, and the CobiT standard.
Build and maintain an IT audit function with maximum effectiveness and value
Implement best practice IT audit processes and controls
Analyze UNIX-, Linux-, and Windows-based operating systems
Audit network routers, switches, firewalls, WLANs, and mobile devices
Evaluate entity-level controls, data centers, and disaster recovery plans
Examine Web servers, platforms, and applications for vulnerabilities
Review databases for critical controls
Use the COSO, CobiT, ITIL, ISO, and NSA INFOSEC methodologies
Implement sound risk analysis and risk management practices
Drill down into applications to find potential control weaknesses
Table of contents:
Part I: Audit Overview
Chapter 1 Building an Effective Internal IT Audit Function
Why Are We Here? (The Internal Audit Department’s Mission)
Independence: The Great Myth
Consulting and Early Involvement: There’s More to Being an Auditor than Auditing
Four Methods for Consulting and Early Involvement: Your Toolkit
Relationship Building: Partnering versus Policing
The Role of the IT Audit Team
Forming and Maintaining an Effective IT Audit Team
Maintaining Expertise
Relationship with External Auditors
Summary
Chapter 2 The Audit Process
Internal Controls
Determining What to Audit
The Stages of an Audit
Standards
Summary
Part II: Auditing Techniques
Chapter 3 Auditing Entity-Level Controls
Background
Test Steps
Knowledge Base
Master Checklist
Chapter 4 Auditing Data Centers and Disaster Recovery
Background
Data Center Auditing Essentials
Auditing Data Centers
Neighborhood and Environment
Physical Access Control
Environmental Controls
Power Continuity
Alarm Systems
Fire Suppression
Surveillance Systems
Data Center Operations
Auditing Disaster Recovery
System Resiliency
Data Backup and Restore
Disaster Recovery Planning
Knowledge Base
Master Checklists
Chapter 5 Auditing Switches, Routers, and Firewalls
Background
Network Auditing Essentials
Auditing Switches, Routers, and Firewalls
General Network Equipment Audit Steps
Additional Switch Controls: Layer 2
Additional Router Controls: Layer 3
Additional Firewall Controls
Tools and Technologies: Auditing Networking Equipment
Knowledge Base
Master Checklists
Chapter 6 Auditing Windows Operating Systems
Background
Windows Auditing Basics
Performing the Audit
Windows Server Test Steps
Setup and General Controls
Review Services, Installed Applications, and Scheduled Tasks
Account Management and Password Controls
Review User Rights and Security Options
Network Security and Controls
How to Perform a Simplified Audit of a Windows Client
Tools and Technology
Knowledge Base
Master Checklists
Chapter 7 Auditing Unix and Linux Operating Systems
Background
Getting Around
Test Steps
Tools and Technology
Knowledge Base
Master Checklists
Chapter 8 Auditing Web Servers
Background
Web Auditing Essentials
Auditing Web Platforms and Web Applications
Auditing Web Servers
Auditing Web Applications
Tools and Technologies
Knowledge Base
Master Checklists
Chapter 9 Auditing Databases
Background
Database Basics
Performing the Audit
Tools and Technology
Knowledge Base
Master Checklist
Chapter 10 Auditing Applications
Application Auditing Essentials
Performing the Application Audit
Master Checklists
Chapter 11 Auditing WLAN and Mobile Devices
WLAN and Mobile Devices Background
WLAN and Mobile Device Auditing Essentials
Performing the Wireless LAN Audit
Performing the Mobile Device Audit
Additional Considerations
Tools and Technology
Knowledge Base
Master Checklists
Chapter 12 Auditing Company Projects
Background
Test Steps
Knowledge Base
Master Checklists
Part III: Frameworks, Standards, and Regulations
Chapter 13 Frameworks and Standards
Introduction to Internal IT Controls, Frameworks, and Standards
COSO
CoBIT
ITIL
ISO 27001/ISO 17799/BS 7799
NSA INFOSEC Assessment Methodology
Frameworks and Standards Trends
Chapter 14 Regulations
An Introduction to Legislation Related to Internal Controls
The Sarbanes-Oxley Act of 2002
Sarbanes-Oxley’s Impact on Public Corporations
Core Points of the Sarbanes-Oxley Act
Sarbanes-Oxley’s Impact on IT Departments
Sarbanes-Oxley Considerations for Companies with Multiple Locations
Impact of Third-Party Services on Sarbanes-Oxley Compliance
Specific IT Controls Required for Sarbanes-Oxley Compliance
The Financial Impact of Sarbanes-Oxley Compliance on Companies
Gramm-Leach-Bliley Act
Privacy Regulations Such as California SB 1386
Health Insurance Portability and Accountability Act of 1996
EU Commission and Basel II
Payment Card Industry (PCI) Data Security Standard
Other Regulatory Trends
Chapter 15 Risk Management
Benefits of Risk Management
Risk Analysis
IT Risk Management Life Cycle
Summary of Formulas