Information Technology Control and Audit

Information Technology Control and Audit

by Frederick Gallegos (Author), SandraSenft (Author), Daniel P . Manson (Author), Carol Gonzales (Author)

Synopsis

Information Technology Control and Audit, Second Edition is an excellent introductory textbook for IT auditing. It covers a wide range of topics in the field including the audit process, the legal environment of IT auditing, security and privacy, and much more.

This textbook first examines the foundation of IT audit and control, discussing what IT auditing involves and the guidance provided by organizations in dealing with control and auditability issues. It then analyzes the process of audit and review, explores IT governance and control, and discusses the CobiT framework and steps that align IT decisions with business strategy. This volume examines project management processes that ensure that projects are controlled from inception through integration.

It continues by addressing auditing IT acquisition and implementation, describing risks and controls as related to the life cycle of application systems. It highlights the purchase and installation of new systems, as well as change management. The next section examines the auditing of IT operations in both standalone and global environments, covering types of IT operation, issues related to specific platforms, risk and control assessment, and audit methods and support tools.

The textbook concludes with a review of emerging issues, providing undergraduate and graduate students with a thorough overview of a topic critical to organizational security and integrity.

$5.31

Save:$60.04 (92%)

Quantity

1 in stock

More Information

Format: Hardcover
Pages: 720
Edition: 2
Publisher: Auerbach Publications
Published: 29 Mar 2004

ISBN 10: 0849320321
ISBN 13: 9780849320323

Media Reviews
The book is very useful for beginners as well as practitioners[It] is well written and presented. Its practical implementation in the country of origin of the authors (USA) should provide resiliency to IT security in the emerging cyberworld. - Information Systems Control Journal, Vol. 4, 2005