Instant download Solution Manual for Information Technology Auditing 3rd Edition by Hall pdf docx epub after payment.
Product details:
- ISBN-10 : 1439079110
- ISBN-13 : 978-1439079119
- Author: James A. Hall
IT AUDITING is an innovative and cutting edge text, which provides students with a solid background in traditional auditing as well as in the auditing of accounting information systems. This new edition includes updated and expanded coverage of enterprise systems and fraud and fraud detection topics such as continuous online auditing. After reading Hall’s IT Auditing, students will gain a true understanding of how these audits take place in the real world.
Table of contents:
Chapter 1 Building an Effective Internal IT Audit Function
Why Are We Here? (The Internal Audit Department’s Mission)
Independence: The Great Myth
Adding Value Outside of Formal Audits
Business Advisory Audits
Four Methods for Business Advisory Audits
Early Involvement
Informal Audits
Knowledge Sharing
Self-Assessments
Continuous Auditing
Final Thoughts on Adding Value Outside of Formal Audits
Relationship Building: Partnering vs. Policing
Learning to Build Partnerships
The Role of the IT Audit Team
Application Auditors (or Integrated Auditors)
Data Extraction and Analysis Specialists
IT Auditors
Forming and Maintaining an Effective IT Audit Team
Career IT Auditors
IT Professionals
Career IT Auditors vs. IT Professionals: Final Thoughts
Co-sourcing
Maintaining Expertise
Sources of Learning
Relationship with External Auditors and Internal Assurance Functions
Summary
Chapter 2 The Audit Process
Internal Controls
Types of Internal Controls
Internal Control Examples
Determining What to Audit
Creating the Audit Universe
Ranking the Audit Universe
Determining What to Audit: Final Thoughts
The Stages of an Audit
Planning
Fieldwork and Documentation
Issue Discovery and Validation
Solution Development
Report Drafting and Issuance
Issue Tracking
Standards
Summary
Part II Auditing Techniques
Chapter 3 Auditing Entity-Level Controls
Background
Test Steps for Auditing Entity-Level Controls
Knowledge Base
Master Checklist
Chapter 4 Auditing Cybersecurity Programs
Background
Steps for Auditing Cybersecurity Programs
Knowledge Base
Master Checklist
Chapter 5 Auditing Data Centers and Disaster Recovery
Background
Data Center Auditing Essentials
Physical Security and Environmental Controls
System and Site Resiliency
Data Center Operations
Disaster Preparedness
Test Steps for Auditing Data Centers
Neighborhood and External Risk Factors
Physical Access Controls
Environmental Controls
Power and Electricity
Fire Suppression
Data Center Operations
System Resiliency
Data Backup and Restoration
Disaster Recovery Planning
Knowledge Base
Master Checklists
Chapter 6 Auditing Networking Devices
Background
Network Auditing Essentials
Protocols
OSI Model
Routers and Switches
LANs, VLANs, WANs, and WLANs
Firewalls
Auditing Switches, Routers, and Firewalls
General Network Equipment Audit Steps
Additional Switch Controls: Layer 2
Additional Router Controls: Layer 3
Additional Firewall Controls
Additional Controls for Wireless Network Gear
Tools and Technology
Knowledge Base
Master Checklists
Chapter 7 Auditing Windows Servers
Background
Windows Auditing Essentials
Command-Line Tips
Essential Command-Line Tools
Common Commands
Server Administration Tools
Performing the Audit
Test Steps for Auditing Windows
Initial Steps
Account Management
Permissions Management
Network Security and Controls
Security Monitoring and Other General Controls
Tools and Technology
Knowledge Base
Master Checklist
Chapter 8 Auditing Unix and Linux Operating Systems
Background
Unix and Linux Auditing Essentials
Key Concepts
File System Layout and Navigation
File System Permissions
Users and Authentication
Network Services
Test Steps for Auditing Unix and Linux
Account Management
Permissions Management
Network Security and Controls
Security Monitoring and Other General Controls
Tools and Technology
Network Vulnerability Scanners
NMAP
Malware Detection Tools
Tools for Validating Password Strength
Host-Based Vulnerability Scanners
Shell/Awk/etc
Knowledge Base
Master Checklists
Chapter 9 Auditing Web Servers and Web Applications
Background
Web Auditing Essentials
One Audit with Multiple Components
Part 1: Test Steps for Auditing the Host Operating System
Part 2: Test Steps for Auditing Web Servers
Part 3: Test Steps for Auditing Web Applications
Additional Steps for Auditing Web Applications
Tools and Technology
Knowledge Base
Master Checklists
Chapter 10 Auditing Databases
Background
Database Auditing Essentials
Common Database Vendors
Database Components
NoSQL Database Systems
Test Steps for Auditing Databases
Initial Steps
Operating System Security
Account Management
Permissions Management
Data Encryption
Security Log Monitoring and Management
Tools and Technology
Auditing Tools
Monitoring Tools
Encryption Tools
Knowledge Base
Master Checklist
Chapter 11 Auditing Big Data and Data Repositories
Background
Big Data and Data Repository Auditing Essentials
Test Steps for Auditing Big Data and Data Repositories
Knowledge Base
Master Checklist
Chapter 12 Auditing Storage
Background
Storage Auditing Essentials
Key Storage Components
Key Storage Concepts
Test Steps for Auditing Storage
Initial Steps
Account Management
Storage Management
Encryption and Permissions Management
Security Monitoring and Other General Controls
Knowledge Base
Master Checklists
Chapter 13 Auditing Virtualized Environments
Background
Commercial and Open-Source Projects
Virtualization Auditing Essentials
Test Steps for Auditing Virtualization
Initial Steps
Account Management and Resource Provisioning/Deprovisioning
Virtual Environment Management
Security Monitoring and Additional Security Controls
Knowledge Base
Hypervisors
Tools
Master Checklists
Chapter 14 Auditing End-User Computing Devices
Background
Part 1: Auditing Windows and Mac Client Systems
Windows and Mac Auditing Essentials
Test Steps for Auditing Windows and Mac Client Systems
Tools and Technology
Knowledge Base
Part 2: Auditing Mobile Devices
Mobile Device Auditing Essentials
Test Steps for Auditing Mobile Devices
Additional Considerations
Tools and Technology
Knowledge Base
Master Checklists
Chapter 15 Auditing Applications
Background
Application Auditing Essentials
Test Steps for Auditing Applications
Input Controls
Interface Controls
Audit Trails and Security Monitoring
Account Management
Permissions Management
Software Change Controls
Backup and Recovery
Data Retention and Classification and User Involvement
Operating System, Database, and Other Infrastructure Controls
Master Checklists
Chapter 16 Auditing Cloud Computing and Outsourced Operations
Background
Cloud Computing and Outsourced Operations Auditing Essentials
IT Systems, Software, and Infrastructure Outsourcing
IT Service Outsourcing
Other Considerations for IT Service Outsourcing
Third-Party Reports and Certifications
Test Steps for Auditing Cloud Computing and Outsourced Operations
Initial Steps
Vendor Selection and Contracts
Account Management and Data Security
Operations and Governance
Legal Concerns and Regulatory Compliance
Tools and Technology
Knowledge Base
Master Checklist
Chapter 17 Auditing Company Projects
Background
Project Auditing Essentials
High-Level Goals of a Project Audit
Basic Approaches to Project Auditing
Waterfall and Agile Software Development Methodologies
Seven Major Parts of a Project Audit
Test Steps for Auditing Company Projects
Overall Project Management
Project Startup, Requirements Gathering, and Initial Design
Detailed Design and System Development
Testing
Implementation
Training
Project Wrap-Up
Knowledge Base
Master Checklists
Chapter 18 Auditing New/Other Technologies
Background
New/Other Technology Auditing Essentials
Generalized Frameworks
Best Practices
Test Steps for Auditing New and Other Technologies
Initial Steps
Account Management
Permissions Management
Network Security and Controls
Security Monitoring and Other General Controls
Master Checklists
Part III Frameworks, Standards, Regulations, and Risk Management
Chapter 19 Frameworks and Standards
Introduction to Internal IT Controls, Frameworks, and Standards
COSO
COSO Definition of Internal Control
Key Concepts of Internal Control
Internal Control–Integrated Framework
Enterprise Risk Management–Integrated Framework
Relationship Between Internal Control and Enterprise Risk Management Publications
IT Governance
People also search:
Information Technology Auditing 3rd Edition
Information Technology Auditing 3rd Edition pdf
Information Technology Auditing
what is information technology auditor
impact of information technology on auditing |
information technology audit definition