IT Auditing: Using Controls to Protect Information Assets
"A must-have for auditors and IT professionals." -Doug Dexter, CISSP-ISSMP, CISA, Audit Team Lead, Cisco Systems, Inc.
Plan for and manage an effective IT audit program using the in-depth information contained in this comprehensive resource. Written by experienced IT audit and security professionals, IT Auditing: Using Controls to Protect Information Assets covers the latest auditing tools alongside real-world examples, ready-to-use checklists, and valuable templates. Inside, you'll learn how to analyze Windows, UNIX, and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus, you'll get up-to-date information on legal standards and practices, privacy and ethical issues, and the CobiT standard.
Build and maintain an IT audit function with maximum effectiveness and value
- Implement best practice IT audit processes and controls
- Analyze UNIX-, Linux-, and Windows-based operating systems
- Audit network routers, switches, firewalls, WLANs, and mobile devices
- Evaluate entity-level controls, data centers, and disaster recovery plans
- Examine Web servers, platforms, and applications for vulnerabilities
- Review databases for critical controls
- Use the COSO, CobiT, ITIL, ISO, and NSA INFOSEC methodologies
- Implement sound risk analysis and risk management practices
- Drill down into applications to find potential control weaknesses
Title: IT Auditing: Using Controls to Protect Information Assets
Author: Chris Davis; Mike Schiller; Kevin Wheeler