- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
Secure Your Systems Using the Latest IT Auditing Techniques
Fully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Third Edition, explains, step by step, how to implement a successful, enterprise-wide IT audit program. New chapters on auditing cybersecurity programs, big data and data repositories, and new technologies are included. This comprehensive guide describes how to assemble an effective IT audit team and maximize the value of the IT audit function. In-depth details on performing specific audits are accompanied by real-world examples, ready-to-use checklists, and valuable templates. Standards, frameworks, regulations, and risk management techniques are also covered in this definitive resource.
• Build and maintain an internal IT audit function with maximum effectiveness and value
• Audit entity-level controls and cybersecurity programs
• Assess data centers and disaster recovery
• Examine switches, routers, and firewalls
• Evaluate Windows, UNIX, and Linux operating systems
• Audit Web servers and applications
• Analyze databases and storage solutions
• Review big data and data repositories
• Assess end user computer devices, including PCs and mobile devices
• Audit virtualized environments
• Evaluate risks associated with cloud computing and outsourced operations
• Drill down into applications and projects to find potential control weaknesses
• Learn best practices for auditing new technologies
• Use standards and frameworks, such as COBIT, ITIL, and ISO
• Understand regulations, including Sarbanes-Oxley, HIPAA, and PCI
• Implement proven risk management practices
Contents
PART 1: Audit Overview
Chapter 1: Building an Effective Internal IT Audit Function
Chapter 2: The Audit Process
PART 2: Auditing Techniques
Chapter 3: Auditing Entity-Level Controls
Chapter 4: Auditing Cybersecurity Programs
Chapter 5: Auditing Data Centers and Disaster Recovery
Chapter 6: Auditing Networking Devices
Chapter 7: Auditing Windows Operating Systems
Chapter 8: Auditing Unix and Linux Operating Systems
Chapter 9: Auditing Web Servers and Web Applications
Chapter 10: Auditing Databases
Chapter 11: Auditing Big Data and Data Repositories
Chapter 12: Auditing Storage
Chapter 13: Auditing Virtualized Environments
Chapter 14: Auditing End User Computing Devices
Chapter 15: Auditing Applications
Chapter 16: Auditing Cloud Computing and Outsourced Operations
Chapter 17: Auditing Company Projects
Chapter 18: Auditing New/Other Technologies
PART 3: Frameworks, Standards, and Regulations
Chapter 19: Standards and Frameworks
Chapter 20: Regulations
Chapter 21: Risk Management
