Controls & Assurance in the Cloud: Using COBIT 5


Book Description

"This practical guidance was created for enterprises using or considering using cloud computing. It provides a governance and control framework based on COBIT 5 and an audit program using COBIT 5 for Assurance. This information can assist enterprises in assessing the potential value of cloud investments to determine whether the risk is within the acceptable level. In addition, it provides a list of publications and resources that can help determine if cloud computing is the appropriate solution for the data and processes being considered."--







Information Technology Control and Audit


Book Description

As you know, today's complex computing environment and shrinking departmental budgets make it vital for IT auditors and security professionals to have practical guidance on conducting audits and ensuring security in today's stretched and quickly changing computing environments. Whether you're new to IT auditing or have years of experience, Information Technology Control and Audit provides you with tools and techniques to solve the audit, control, and security problems and issues you face today. It provides guidance on conducting IT audits on new and legacy systems, coverage of changes in financial and computing standards, explanations of the vulnerabilities of emerging systems, and tips on how to do your job more effectively.




Cloud Computing and Services Sciences


Book Description

This book constitutes the thoroughly refereed proceedings of the 4th International Conference on Cloud Computing and Services Science, CLOSER 2014, held in Barcelona, Spain, in April 2014. The 14 papers presented were selected from 127 paper submissions. The papers focus on the following topics: cloud computing fundamentals; services science foundations for cloud computing; cloud computing platforms and applications; cloud computing enabling technologies; and mobile cloud computing services.




Information Technology Control and Audit


Book Description

The new edition of a bestseller, Information Technology Control and Audit, Fourth Edition provides a comprehensive and up-to-date overview of IT governance, controls, auditing applications, systems development, and operations. Aligned to and supporting the Control Objectives for Information and Related Technology (COBIT), it examines emerging trend







Implementing Effective IT Governance and IT Management


Book Description

This book is a revised edition of the best selling title Implementing IT Governance (ISBN 978 90 8753 119 5).For trainers free additional material of this book is available. This can be found under the "Training Material" tab. Log in with your trainer account to access the material. In all enterprises around the world, the issues, opportunities and challenges of aligning IT more closely with the organization and effectively governing an organization s IT investments, resources, major initiatives and superior uninterrupted service is becoming a major concern of the Board and executive management. An integrated and comprehensive approach to the alignment, planning, execution and governance of IT and its resources has become critical to more effectively align, integrate, invest, measure, deploy, service and sustain the strategic and tactical direction and value proposition of IT in support of organizations. Much has been written and documented about the individual components of IT Governance such as strategic planning, demand management, program and project management, IT service management, strategic sourcing and outsourcing, performance management, metrics, compliance and others. Much less has been written about a comprehensive and integrated approach for IT/Business Alignment, Planning, Execution and Governance. This title fills that need in the marketplace and offers readers structured and practical solutions using the best of the best practices available today. The book is divided into two parts, which cover the three critical pillars necessary to develop, execute and sustain a robust and effective IT governance environment:- Leadership, people, organization and strategy,- IT governance, its major component processes and enabling technologies. Each of the chapters also covers one or more of the following action oriented topics:- the why and what of IT: strategic planning, portfolio investment management, decision authority, etc.;- the how of IT: Program/Project Management, IT Service Management (including ITIL); Strategic Sourcing and outsourcing; performance, risk and contingency management (including COBIT, the Balanced Scorecard etc.) and leadership, team management and professional competences.




Auditing Cloud Computing


Book Description

The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment Many organizations are reporting or projecting a significant cost savings through the use of cloud computing—utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are expressing concern with security and privacy issues for their organization's data in the "cloud." Auditing Cloud Computing provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among other aspects, are addressed for cloud based resources. Provides necessary guidance to ensure auditors address security and privacy aspects that through a proper audit can provide a specified level of assurance for an organization's resources Reveals effective methods for evaluating the security and privacy practices of cloud services A cloud computing reference for auditors and IT security professionals, as well as those preparing for certification credentials, such as Certified Information Systems Auditor (CISA) Timely and practical, Auditing Cloud Computing expertly provides information to assist in preparing for an audit addressing cloud computing security and privacy for both businesses and cloud based service providers.




Cloud Security and Privacy


Book Description

You may regard cloud computing as an ideal way for your company to control IT costs, but do you know how private and secure this service really is? Not many people do. With Cloud Security and Privacy, you'll learn what's at stake when you trust your data to the cloud, and what you can do to keep your virtual infrastructure and web applications secure. Ideal for IT staffers, information security and privacy practitioners, business managers, service providers, and investors alike, this book offers you sound advice from three well-known authorities in the tech security world. You'll learn detailed information on cloud computing security that-until now-has been sorely lacking. Review the current state of data security and storage in the cloud, including confidentiality, integrity, and availability Learn about the identity and access management (IAM) practice for authentication, authorization, and auditing of the users accessing cloud services Discover which security management frameworks and standards are relevant for the cloud Understand the privacy aspects you need to consider in the cloud, including how they compare with traditional computing models Learn the importance of audit and compliance functions within the cloud, and the various standards and frameworks to consider Examine security delivered as a service-a different facet of cloud security