Author : Wisconsin. Bureau of Municipal Audit
Publisher :
Page : pages
File Size : 23,94 MB
Release : 1979
Category : Computer security
ISBN :
Author : Robert R. Moeller
Publisher : John Wiley & Sons
Page : 696 pages
File Size : 14,50 MB
Release : 2011-04-12
Category : Business & Economics
ISBN : 1118035763
This section discusses IT audit cybersecurity and privacy control activities from two focus areas. First is focus on some of the many cybersecurity and privacy concerns that auditors should consider in their reviews of IT-based systems and processes. Second focus area includes IT Audit internal procedures. IT audit functions sometimes fail to implement appropriate security and privacy protection controls over their own IT audit processes, such as audit evidence materials, IT audit workpapers, auditor laptop computer resources, and many others. Although every audit department is different, this section suggests best practices for an IT audit function and concludes with a discussion on the payment card industry data security standard data security standards (PCI-DSS), a guideline that has been developed by major credit card companies to help enterprises that process card payments prevent credit card fraud and to provide some protection from various credit security vulnerabilities and threats. IT auditors should understand the high-level key elements of this standard and incorporate it in their review where appropriate.
Author : Robert E. Davis
Publisher : CRC Press
Page : 298 pages
File Size : 12,59 MB
Release : 2021-09-22
Category : Business & Economics
ISBN : 1000416089
"A much-needed service for society today. I hope this book reaches information managers in the organization now vulnerable to hacks that are stealing corporate information and even holding it hostage for ransom." – Ronald W. Hull, author, poet, and former professor and university administrator A comprehensive entity security program deploys information asset protection through stratified technological and non-technological controls. Controls are necessary for counteracting threats, opportunities, and vulnerabilities risks in a manner that reduces potential adverse effects to defined, acceptable levels. This book presents a methodological approach in the context of normative decision theory constructs and concepts with appropriate reference to standards and the respective guidelines. Normative decision theory attempts to establish a rational framework for choosing between alternative courses of action when the outcomes resulting from the selection are uncertain. Through the methodological application, decision theory techniques can provide objectives determination, interaction assessments, performance estimates, and organizational analysis. A normative model prescribes what should exist according to an assumption or rule.
Author : United States. General Accounting Office
Publisher :
Page : 298 pages
File Size : 44,90 MB
Release : 1981
Category : Auditing, Internal
ISBN :
Author : Michael Gertz
Publisher : Springer
Page : 203 pages
File Size : 10,55 MB
Release : 2013-11-11
Category : Business & Economics
ISBN : 0387355839
IT Governance is finally getting the Board's and top management's attention. The value that IT needs to return and the associated risks that need to be managed, have become so important in many industries that enterprise survival depends on it. Information integrity is a significant part of the IT Governance challenge. Among other things, this conference will explore how Information Integrity contributes to the overall control and governance frameworks that enterprises need to put in place for IT to deliver business value and for corporate officers to be comfortable about the IT risks the enterprise faces. The goals for this international working conference are to find answers to the following questions: • what precisely do business managers need in order to have confidence in the integrity of their information systems and their data; • what is the status quo of research and development in this area; • where are the gaps between business needs on the one hand and research I development on the other; what needs to be done to bridge these gaps. The contributions have been divided in the following sections: • Refereed papers. These are papers that have been selected through a blind refereeing process by an international programme committee. • Invited papers. Well known experts present practice and research papers upon invitation by the programme committee. • Tutorial. Two papers describe the background, status quo and future development of CobiT as well as a case of an implementation of Co biT.
Author : Christine H. Doxey
Publisher : John Wiley & Sons
Page : 400 pages
File Size : 21,6 MB
Release : 2019-07-16
Category : Business & Economics
ISBN : 1119554411
Step-by-step guidance on creating internal controls to manage risk Internal control is a process for assuring achievement of an organization's objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations, and policies. This is a "toolkit" approach that addresses a practical need for a series of standards of internal controls that can be used to mitigate risk within any size organization. Inadequate internal controls can cause a myriad of problems that adversely affect its ability to provide reliable, timely, and useful financial and managerial data needed to support operating, budgeting, and policy decisions. Reliable data is necessary to make sound business decisions. • Toolkit approach with detailed controls and risks outlined for key business processes • Foundational for SOX 404 initiatives • Key material to improve internal control efforts • Guidance during M&A projects Poor controls over data quality can cause financial data to be unreliable, incomplete, and inaccurate—this book helps you control that quality and manage risk.
Author : Zella G. Ruthberg
Publisher :
Page : 220 pages
File Size : 39,28 MB
Release : 1980
Category : Auditing
ISBN :
Author : Margaret E. van Biene-Hershey
Publisher : Springer
Page : 194 pages
File Size : 39,14 MB
Release : 2013-04-17
Category : Computers
ISBN : 0387355014
This publication is a collection of papers from the Third International Working Conference of IFIP TC-11 Working group 11.5 on "Integrity and Internal Control in Information systems". IFIP TC-11 Working Group 11.5 explores the area of integrity within information systems and the relationship between integrity in information systems and the overall internal control systems that are established in organizations to support the corporate governance codes. We want to recommend this book to security specialists, IT auditors and researchers who want to learn more about the business concerns related to integrity. Those same security specialists, IT auditors and researchers will also value this book for the papers presenting research into new techniques and methods for obtaining the desired level of integrity. The third conference represents a continuation of the dialogue between information security specialists, internal control specialists and the business community. The conference objectives are: • To present methods and techniques that will help business achieve the desired level of integrity in information systems and data; • To present the results of research that may in future be used to increase the level of integrity or help management maintain the desired level of integrity; • To investigate the shortcomings in the technologies presently in use, shortcomings that require attention in order to protect the integrity of systems in general.
Author : Javier F. Kuong
Publisher : Prentice Hall
Page : 424 pages
File Size : 16,24 MB
Release : 1987
Category : Business & Economics
ISBN :
Author : Robert R. Moeller
Publisher : John Wiley & Sons
Page : 403 pages
File Size : 45,87 MB
Release : 2008-03-31
Category : Business & Economics
ISBN : 9780470289921
Sarbanes-Oxley Internal Controls: Effective Auditing with AS5, CobiT, and ITIL is essential reading for professionals facing the obstacle of improving internal controls in their businesses. This timely resource provides at-your-fingertips critical compliance and internal audit best practices for today's world of SOx internal controls. Detailed and practical, this introductory handbook will help you to revitalize your business and drive greater performance.
