Information System Audit


Book Description

The digitalization of companies is a recurrent topic of conversation for managers. Long gone are the days of auditors specializing in one technique. This book proposes how you step by step go from a common understanding of our history of auditing to gradually define and justify the impacts on the audit strategy and the preparation of audits.




The Information Audit


Book Description

The Information Audit is a process by which an organisation investigates its information requirements and matches them against the information resources and services that are currently provided. Using a seven stage model this book will take the information professional through the process of an audit.




The Basics of IT Audit


Book Description

The Basics of IT Audit: Purposes, Processes, and Practical Information provides you with a thorough, yet concise overview of IT auditing. Packed with specific examples, this book gives insight into the auditing process and explains regulations and standards such as the ISO-27000, series program, CoBIT, ITIL, Sarbanes-Oxley, and HIPPA. IT auditing occurs in some form in virtually every organization, private or public, large or small. The large number and wide variety of laws, regulations, policies, and industry standards that call for IT auditing make it hard for organizations to consistently and effectively prepare for, conduct, and respond to the results of audits, or to comply with audit requirements. This guide provides you with all the necessary information if you're preparing for an IT audit, participating in an IT audit or responding to an IT audit. - Provides a concise treatment of IT auditing, allowing you to prepare for, participate in, and respond to the results - Discusses the pros and cons of doing internal and external IT audits, including the benefits and potential drawbacks of each - Covers the basics of complex regulations and standards, such as Sarbanes-Oxley, SEC (public companies), HIPAA, and FFIEC - Includes most methods and frameworks, including GAAS, COSO, COBIT, ITIL, ISO (27000), and FISCAM




Information Technology Control and Audit, Fifth Edition


Book Description

The new fifth edition of Information Technology Control and Audit has been significantly revised to include a comprehensive overview of the IT environment, including revolutionizing technologies, legislation, audit process, governance, strategy, and outsourcing, among others. This new edition also outlines common IT audit risks, procedures, and involvement associated with major IT audit areas. It further provides cases featuring practical IT audit scenarios, as well as sample documentation to design and perform actual IT audit work. Filled with up-to-date audit concepts, tools, techniques, and references for further reading, this revised edition promotes the mastery of concepts, as well as the effective implementation and assessment of IT controls by organizations and auditors. For instructors and lecturers there are an instructor’s manual, sample syllabi and course schedules, PowerPoint lecture slides, and test questions. For students there are flashcards to test their knowledge of key terms and recommended further readings. Go to http://routledgetextbooks.com/textbooks/9781498752282/ for more information.




Guide to Audit Data Analytics


Book Description

Designed to facilitate the use of audit data analytics (ADAs) in the financial statement audit, this title was developed by leading experts across the profession and academia. The guide defines audit data analytics as “the science and art of discovering and analyzing patterns, identifying anomalies, and extracting other useful information in data underlying or related to the subject matter of an audit through analysis, modeling, and visualization for planning or performing the audit.” Simply put, ADAs can be used to perform a variety of procedures to gather audit evidence. Each chapter focuses on an audit area and includes step-by-step guidance illustrating how ADAs can be used throughout the financial statement audit. Suggested considerations for assessing the reliability of data are also included in a separate appendix.




Auditing


Book Description

The explosion of data analytics in the auditing profession demands a different kind of auditor. Auditing: A Practical Approach with Data Analytics prepares students for the rapidly changing demands of the auditing profession by meeting the data-driven requirements of today's workforce. Because no two audits are alike, this course uses a practical, case-based approach to help students develop professional judgement, think critically about the auditing process, and develop the decision-making skills necessary to perform a real-world audit. To further prepare students for the profession, this course integrates seamless exam review for successful completion of the CPA Exam.




Information Technology Control and Audit


Book Description

As you know, today's complex computing environment and shrinking departmental budgets make it vital for IT auditors and security professionals to have practical guidance on conducting audits and ensuring security in today's stretched and quickly changing computing environments. Whether you're new to IT auditing or have years of experience, Information Technology Control and Audit provides you with tools and techniques to solve the audit, control, and security problems and issues you face today. It provides guidance on conducting IT audits on new and legacy systems, coverage of changes in financial and computing standards, explanations of the vulnerabilities of emerging systems, and tips on how to do your job more effectively.




Federal Information System Controls Audit Manual (FISCAM)


Book Description

FISCAM presents a methodology for performing info. system (IS) control audits of governmental entities in accordance with professional standards. FISCAM is designed to be used on financial and performance audits and attestation engagements. The methodology in the FISCAM incorp. the following: (1) A top-down, risk-based approach that considers materiality and significance in determining audit procedures; (2) Evaluation of entitywide controls and their effect on audit risk; (3) Evaluation of general controls and their pervasive impact on bus. process controls; (4) Evaluation of security mgmt. at all levels; (5) Control hierarchy to evaluate IS control weaknesses; (6) Groupings of control categories consistent with the nature of the risk. Illus.




Auditing Information and Cyber Security Governance


Book Description

"A much-needed service for society today. I hope this book reaches information managers in the organization now vulnerable to hacks that are stealing corporate information and even holding it hostage for ransom." – Ronald W. Hull, author, poet, and former professor and university administrator A comprehensive entity security program deploys information asset protection through stratified technological and non-technological controls. Controls are necessary for counteracting threats, opportunities, and vulnerabilities risks in a manner that reduces potential adverse effects to defined, acceptable levels. This book presents a methodological approach in the context of normative decision theory constructs and concepts with appropriate reference to standards and the respective guidelines. Normative decision theory attempts to establish a rational framework for choosing between alternative courses of action when the outcomes resulting from the selection are uncertain. Through the methodological application, decision theory techniques can provide objectives determination, interaction assessments, performance estimates, and organizational analysis. A normative model prescribes what should exist according to an assumption or rule.




Government Auditing Standards - 2018 Revision


Book Description

Audits provide essential accountability and transparency over government programs. Given the current challenges facing governments and their programs, the oversight provided through auditing is more critical than ever. Government auditing provides the objective analysis and information needed to make the decisions necessary to help create a better future. The professional standards presented in this 2018 revision of Government Auditing Standards (known as the Yellow Book) provide a framework for performing high-quality audit work with competence, integrity, objectivity, and independence to provide accountability and to help improve government operations and services. These standards, commonly referred to as generally accepted government auditing standards (GAGAS), provide the foundation for government auditors to lead by example in the areas of independence, transparency, accountability, and quality through the audit process. This revision contains major changes from, and supersedes, the 2011 revision.