Understanding and Conducting Information Systems Auditing: 618-Wow! eBook

Understanding and Conducting Information Systems Auditing: 618 book cover

Understanding and Conducting Information Systems Auditing: 618

Author(s): Veena Hingarh (Author), Arif Ahmed (Author)

Publisher: Wiley
Publication Date: 15 Mar. 2013
Edition: 1st
Language: English
Print length: 304 pages
ISBN-10: 1118343743
ISBN-13: 9781118343746

Book Description

A comprehensive guide to understanding and auditing modern information systems

The increased dependence on information system resources for performing key activities within organizations has made system audits essential for ensuring the confidentiality, integrity, and availability of information system resources. One of the biggest challenges faced by auditors is the lack of a standardized approach and relevant checklist. Understanding and Conducting Information Systems Auditing brings together resources with audit tools and techniques to solve this problem.

Featuring examples that are globally applicable and covering all major standards, the book takes a non-technical approach to the subject and presents information systems as a management tool with practical applications. It explains in detail how to conduct information systems audits and provides all the tools and checklists needed to do so. In addition, it also introduces the concept of information security grading, to help readers to implement practical changes and solutions in their organizations.

Includes everything needed to perform information systems audits
Organized into two sections―the first designed to help readers develop the understanding necessary for conducting information systems audits and the second providing checklists for audits
Features examples designed to appeal to a global audience

Taking a non-technical approach that makes it accessible to readers of all backgrounds, Understanding and Conducting Information Systems Auditing is an essential resource for anyone auditing information systems.

Editorial Reviews

Review

Select Guide Rating

From the Inside Flap

The increased dependence on information systems assets for performing critical functions of an organization has enhanced the need for using an information systems audit as a control to ensure confidentiality, integrity, and availability of information systems resources. But in order to achieve these goals, auditors in this field face some difficult challenges, including the absence of a standardized audit approach and the lack of relevant checklists.

As experts in the information systems arena, authors Veena Hingarh and Arif Ahmed are quite familiar with these important issues. And now, with Understanding and Conducting Information Systems Auditing, they share their valuable insights with you.

Divided into two comprehensive parts, this practical guide focuses on the subject of information systems audit as one driven by management―not technology.

Part One skillfully provides the knowledge that all information systems auditors must have to effectively perform their job. The ten chapters included here progressively build up your competence for conducting a real-life information systems audit as they cover everything from hardware and software security issues to business continuity and disaster recovery plans.

Part Two of the book explains the process involved in conducting an ISecGrade audit for awarding security grade to an auditee and contains forty domain-specific checklists under the ISecGrade methodology―a proprietary open source information systems audit methodology developed by the South Asian Management Technologies Foundation. Various checklists, regulatory guidelines, and best practice standards were consulted to develop these checklists as well as the authors’ personal experiences with conducting information systems audits.

Complete with the most up-to-date information you need to understand the subject, definitions of technical terms, checklists to conduct audits, and a session quiz to review the level of your understanding, this book is an indispensable resource for the information systems practitioner and aspiring professional.

Engaging and accessible, Understanding and Conducting Information Systems Auditing will help you make information technology installation across the world more secure.

From the Back Cover

UNDERSTANDING AND CONDUCTING INFORMATION SYSTEMS AUDITING

“This comprehensive book forms a basis for new auditors as well as experienced auditors working within an IT environment. Covering, as it does, such aspects as hardware and software security, the conducting of an information systems risk-based audit, as well as business continuity and disaster recovery planning, it acts as a reference manual as well as an instruction manual. Some of the focal areas such as security testing and vulnerability analysis are of particular benefit to the auditor, and the inclusion of ISecGrade Checklists makes this a must-have addition to any IT auditor’s library.”

―Richard Cascarino, MBA, CIA, CRMA, CFE, CISM

“Network security among organizations remains a major challenge in the evolution of the digital economy. If it were simply a technology issue the organizations could rely on IT engineers to deploy marvels of technological excellence. But ensuring continuous security is more than a mere technical matter. The authors, who are an extraordinary blend of accounting professionals with rich international experience and network security experts (CISA certified), have superbly deployed their own professional expertise to bring out a practical guide to organizational security in the digital economy. Like a master blender they have provided a rich interdisciplinary perspective with centrality of managerial responsibility. The central theme is that both technological design and managerial systems must continuously evolve in tandem. The book will be an invaluable guide for such organizations that are looking to enhance their management control systems and dynamically evolve along with technological change.”

―Anil Rawat, PhD, Director, Institute of Business Management & Technology; Director, International Academy for Knowledge, Innovation & Technology Management, Bangalore

“A balanced and practical book that covers all the key elements of information security. While it is an ideal reference for IS/IT managers, auditors, and chartered accountants, the book does not lose relevance for the practitioners of IS, and keeps up to the demands of business and industry by addressing current management and auditing techniques of information security. The templates available in the book are especially useful for quick, out-of-the-box implementation of an in-house or external IS audit. It’s a reference book, practitioner’s handbook, and a textbook on IS audit rolled into one!”

―Mridul Banerjee, CISM, CRISC

“The authors provide an excellent overview of the information systems audit process, with an emphasis on today’s evolving newer technologies and issues, such as performing audits in an e-commerce environment and systems security testing. The book is particularly strong in providing good, precise definitions and the audit implications for many of the technology concepts―such as routers, thin clients, or cloud computing―that are frequently used by information system auditors but where accurate definitions are often difficult. This kind of information helps both information system auditing newcomers and experienced professionals.

In addition to a wide range of information systems auditing and risk-based materials, the book has a large section of detailed information systems audit checklists that can be tailored to many environments. The book is an excellent resource for the information systems audit professional.”

―Robert R. Moeller, CPA, CISA, CISSP, author of multiple books on internal auditing, risk management, and IT governance

About the Author

VEENA HINGARH is Joint Director of the South Asian Management Technologies Foundation, a center for research, training, and application in the areas of finance and risk management, which provides training in areas including IS auditing, enterprise risk management, and risk modeling. Winner of numerous merit-based awards during her career, Hingarh’s major areas of focus are IFRS and IS. She speaks frequently at conferences and platforms throughout Asia and the Middle East. Hingarh is a Chartered Accountant from the Institute of Chartered Accountants of India (ICAI), Certified Company Secretary of the Institute of Company Secretaries of India (ICSI), and Certified Information System Auditor (CISA) from ISACA (USA).

ARIF AHMED is a professor at and Director of the South Asian Management Technologies Foundation as well as a Chartered Accountant from the Institute of Chartered Accountants of India (ICAI). He is an Information Security Management System Lead Auditor for the British Standards Institution. Ahmed’s areas of focus are finance and risk management, and he has over two decades of postqualification experience in training and strategic consulting. He has been interviewed and quoted throughout the media and has spoken at various seminars and institutions, including the Institute of Chartered Accountants of India, XLRI, and the Institute of Company Secretaries of India.

View on Amazon

{“@context”:”https://schema.org”,”@type”:”Book”,”name”:”Understanding and Conducting Information Systems Auditing: 618″,”image”:”https://m.media-amazon.com/images/I/51V-LgYA0TL._SY445_SX342_ML2_.jpg”,”author”:{“@type”:”Person”,”name”:”Veena Hingarh (Author), Arif Ahmed (Author)”},”publisher”:{“@type”:”Organization”,”name”:”Wiley”},”datePublished”:”15 Mar. 2013″,”isbn”:”9781118343746″,”numberOfPages”:304,”inLanguage”:”English”,”description”:”A comprehensive guide to understanding and auditing modern information systemsThe increased dependence on information system resources for performing key activities within organizations has made system audits essential for ensuring the confidentiality, integrity, and availability of information system resources. One of the biggest challenges faced by auditors is the lack of a standardized approach and relevant checklist. Understanding and Conducting Information Systems Auditing brings together resources with audit tools and techniques to solve this problem.Featuring examples that are globally applicable and covering all major standards, the book takes a non-technical approach to the subject and presents information systems as a management tool with practical applications. It explains in detail how to conduct information systems audits and provides all the tools and checklists needed to do so. In addition, it also introduces the concept of information security grading, to help readers to implement practical changes and solutions in their organizations.Includes everything needed to perform information systems auditsOrganized into two sections―the first designed to help readers develop the understanding necessary for conducting information systems audits and the second providing checklists for auditsFeatures examples designed to appeal to a global audienceTaking a non-technical approach that makes it accessible to readers of all backgrounds, Understanding and Conducting Information Systems Auditing is an essential resource for anyone auditing information systems.”,”bookEdition”:”1st”,”url”:”https://www.amazon.co.uk/dp/1118343743/”,”bookFormat”:”http://schema.org/EBook”,”additionalType”:”http://schema.org/PDF”,”fileSize”:”43 MB”,”accessibilityFeature”:[“login required”,”member access only”],”accessibilitySummary”:”PDF version available to authenticated members only. File size: 43 MB.”}

电子书代发PDF格式价格30元我要求助