IT Auditing: Using Controls to Protect Information Assets

 "A must-have for auditors and IT professionals."  -Doug Dexter, CISSP-ISSMP, CISA, Audit Team Lead, Cisco Systems, Inc.

Plan for and manage an effective IT audit program using the in-depth information contained in this comprehensive resource. Written by experienced IT audit and security professionals, IT Auditing:Using Controls to Protect Information Assets covers the latest auditing tools alongside real-world examples, ready-to-use checklists, and valuable templates. Inside, you'll learn how to analyze Windows, UNIX, and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus, you'll get up-to-date information on legal standards and practices, privacy and ethical issues, and the CobiT standard. 

Build and maintain an IT audit function with maximum effectiveness and value

• Implement best practice IT audit processes and controls
• Analyze UNIX-, Linux-, and Windows-based operating systems
• Audit network routers, switches, firewalls, WLANs, and mobile devices
• Evaluate entity-level controls, data centers, and disaster recovery plans
• Examine Web servers, platforms, and applications for vulnerabilities
• Review databases for critical controls
• Use the COSO, CobiT, ITIL, ISO, and NSA INFOSEC methodologies
• Implement sound risk analysis and risk management practices
• Drill down into applications to find potential control weaknesses