IT Auditing Using Controls to Protect Information Assets 2/E

Have a Promotion Code?

Please enter it here:

Great deals and more!

Sign up for special offers, exclusive discounts, and new product announcements from McGraw-Hill Professional.

SIGN UP TODAY


Date

January 15, 2011

Format

Electronic book text, 512 pages

ISBN

0071742395 / 9780071742399

Adobe Digital Editions® is required to view your downloaded eBooks.
Click here to get Adobe Digital Editions
To learn more about eBooks please see our eBook FAQ.


If you're having problems installing due to firewall issues please go here:
http://kb2.adobe.com/cps/403/kb403051.html

$

Your Price

70.00



Overview


Main description

Secure Your Systems Using the Latest IT Auditing Techniques

Fully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Second Edition, explains, step by step, how to implement a successful, enterprise-wide IT audit program. New chapters on auditing cloud computing, outsourced operations, virtualization, and storage are included. This comprehensive guide describes how to assemble an effective IT audit team and maximize the value of the IT audit function. In-depth details on performing specific audits are accompanied by real-world examples, ready-to-use checklists, and valuable templates. Standards, frameworks, regulations, and risk management techniques are also covered in this definitive resource.

  • Build and maintain an internal IT audit function with maximum effectiveness and value
  • Audit entity-level controls, data centers, and disaster recovery
  • Examine switches, routers, and firewalls
  • Evaluate Windows, UNIX, and Linux operating systems
  • Audit Web servers and applications
  • Analyze databases and storage solutions
  • Assess WLAN and mobile devices
  • Audit virtualized environments
  • Evaluate risks associated with cloud computing and outsourced operations
  • Drill down into applications to find potential control weaknesses
  • Use standards and frameworks, such as COBIT, ITIL, and ISO
  • Understand regulations, including Sarbanes-Oxley, HIPAA, and PCI
  • Implement proven risk management practices


Table of contents

Part I: Audit Overview; Chapter 1. Building an Effective Internal IT Audit Function; Chapter 2. The IT Audit Process; Part II: Auditing Techniques; Chapter 3. Auditing Entity Level Controls; Chapter 4. Auditing Data Centers and Disaster Recovery; Chapter 5. Auditing Routers, Switches, and Firewalls; Chapter 6. Auditing Windows Operating Systems; Chapter 7. Auditing UNIX and Linux Operating Systems; Chapter 8. Auditing Web Servers and Web Applications; Chapter 9. Auditing Databases; Chapter 10. Auditing Storage; Chapter 11. Auditing Virtualized Environments; Chapter 12. Auditing WLAN and Mobile Devices; Chapter 13. Auditing Applications; Chapter 14. Auditing Cloud Computing and Outsourced Operations; Chapter 15. Auditing Company Projects; Part III: Standards, Frameworks, and Regulations; Chapter 16. Standards and Frameworks; Chapter 17. Regulations; Chapter 18. Risk Management


Author comments

Chris Davis, CISA, CISSP, CCNP, served as a senior IT auditor for Texas Instruments. He teaches auditing and certification curriculum for Southern Methodist University and is the coauthor of Hacking Exposed: Computer Forensics and Anti-Hacker Toolkit.
Mike Schiller, CISA, has 15 years of experience in the IT audit field, most recently as the worldwide IT Audit Manager at Texas Instruments. He teaches IT auditing courses at Southern Methodist University and is a frequent speaker at IT audit and IT security conferences such as CACS and InfoSec World.
Kevin Wheeler, CISSP, CISA, NSA IAM/IEM, is the Founder and CEO of InfoDefense, an information security consultancy. He has worked with Bank of America, EDS, McAfee, and the State of Texas.





Copyright 2014 McGraw-Hill Global Education Holdings, LLC

WELCOME!

Before you can enjoy free downloads from McGraw-Hill Professional, we ask that you please provide your email address and country.



Yes, I want to receive other special offer.