Understanding and Conducting Information Systems Auditing

$20.00
by Veena Hingarh
Shop Now
A comprehensive guide to understanding and auditing modern information systems The increased dependence on information system resources for performing key activities within organizations has made system audits essential for ensuring the confidentiality, integrity, and availability of information system resources. One of the biggest challenges faced by auditors is the lack of a standardized approach and relevant checklist. Understanding and Conducting Information Systems Auditing brings together resources with audit tools and techniques to solve this problem. Featuring examples that are globally applicable and covering all major standards, the book takes a non-technical approach to the subject and presents information systems as a management tool with practical applications. It explains in detail how to conduct information systems audits and provides all the tools and checklists needed to do so. In addition, it also introduces the concept of information security grading, to help readers to implement practical changes and solutions in their organizations. Includes everything needed to perform information systems audits - Organized into two sections―the first designed to help readers develop the understanding necessary for conducting information systems audits and the second providing checklists for audits - Features examples designed to appeal to a global audience Taking a non-technical approach that makes it accessible to readers of all backgrounds, Understanding and Conducting Information Systems Auditing is an essential resource for anyone auditing information systems. The increased dependence on information systems assets for performing critical functions of an organization has enhanced the need for using an information systems audit as a control to ensure confidentiality, integrity, and availability of information systems resources. But in order to achieve these goals, auditors in this field face some difficult challenges, including the absence of a standardized audit approach and the lack of relevant checklists. As experts in the information systems arena, authors Veena Hingarh and Arif Ahmed are quite familiar with these important issues. And now, with Understanding and Conducting Information Systems Auditing, they share their valuable insights with you. Divided into two comprehensive parts, this practical guide focuses on the subject of information systems audit as one driven by management―not technology. Part One skillfully provides the knowledge that all information systems auditors must have to effectively perform their job. The ten chapters included here progressively build up your competence for conducting a real-life information systems audit as they cover everything from hardware and software security issues to business continuity and disaster recovery plans. Part Two of the book explains the process involved in conducting an ISecGrade audit for awarding security grade to an auditee and contains forty domain-specific checklists under the ISecGrade methodology―a proprietary open source information systems audit methodology developed by the South Asian Management Technologies Foundation. Various checklists, regulatory guidelines, and best practice standards were consulted to develop these checklists as well as the authors’ personal experiences with conducting information systems audits. Complete with the most up-to-date information you need to understand the subject, definitions of technical terms, checklists to conduct audits, and a session quiz to review the level of your understanding, this book is an indispensable resource for the information systems practitioner and aspiring professional. Engaging and accessible, Understanding and Conducting Information Systems Auditing will help you make information technology installation across the world more secure. UNDERSTANDING AND CONDUCTING INFORMATION SYSTEMS AUDITING “This comprehensive book forms a basis for new auditors as well as experienced auditors working within an IT environment. Covering, as it does, such aspects as hardware and software security, the conducting of an information systems risk-based audit, as well as business continuity and disaster recovery planning, it acts as a reference manual as well as an instruction manual. Some of the focal areas such as security testing and vulnerability analysis are of particular benefit to the auditor, and the inclusion of ISecGrade Checklists makes this a must-have addition to any IT auditor’s library.” ―Richard Cascarino, MBA, CIA, CRMA, CFE, CISM “Network security among organizations remains a major challenge in the evolution of the digital economy. If it were simply a technology issue the organizations could rely on IT engineers to deploy marvels of technological excellence. But ensuring continuous security is more than a mere technical matter. The authors, who are an extraordinary blend of accounting professionals with rich international experience and network security exp

Customer Reviews

No ratings. Be the first to rate

 customer ratings

5 Stars
0%
4 Stars
0%
3 Stars
0%
2 Stars
0%
1 Star
0%

How are ratings calculated?
To calculate the overall star rating and percentage breakdown by star, we don’t use a simple average. Instead, our system considers things like how recent a review is and if the reviewer bought the item on Amazon. It also analyzes reviews to verify trustworthiness.

Review This Product

Share your thoughts with other customers

Dropdown link
Dropdown link
Dropdown link
Dropdown link