"A much-needed service for society today. I hope this book reaches information managers in the organization now vulnerable to hacks that are stealing corporate information and even holding it hostage for ransom."– Ronald W. Hull, author, poet, and former professor and university administratorA comprehensive entity security program deploys information asset protection through stratified technological and non-technological controls. Controls are necessary for counteracting th...

IS audit area planning mastery reflects professional experience and training. Regarding subject mastery, this booklet contains a detail plan preparation, documentation, and presentation process for IS audits; which can be translated, if practiced, into professional experience.

"Assuring IT Legal Compliance" was written with the intent to create quality quick reference material for assurance service practitioners. Therefore, this pocket guide is appropriate for entity employees interested in ensuring, or verifying, IT legal compliance in any industry or geographic location.

"IT Auditing: An Adaptive Process" is a self-contained tool for learning IT audit process flexibility -- while performing effective IT audits -- as well as companion subject matter material for "IT Auditing: The Process." Specifically, "IT Auditing: An Adaptive Process" is an enhanced and consolidated version of four IT audit monographs.This workbook invites the reader to practice IT auditing based on generally accepted IT audit standards and guidelines through detailed examples. F...

"Ensuring Information Assets Protection" presents a proven approach to deploying entity-centric IT security frameworks, architectures, methods, and techniques. In terms of content, this publication converts selected standards and guidelines into practical applications using detailed examples and conceptual graphics.

Depending on the abstraction level, IT governance can be viewed as a framework, methodology, or technique. As a framework, IT governance enables a "system of controls" assisting in assuring organizational goals and objectives are achieved effectively and efficiently. As a methodology, IT governance furnishes a description of the role entity direction and controls play in achieving information systems objectives. Lastly, as a technique, IT governance provides processes and steps that can ge...

"IT Auditing: Assuring Information Assets Protection" provides a proven approach to assessing IT security frameworks, architectures, methods, and techniques. In terms of content, this publication converts selected audit standards and guidelines into practical applications using detailed examples and conceptual graphics. This publication also allows auditors and security professionals to understand various steps and processes required to adequately initiate, document, and compile informatio...

IS audit area study and evaluation mastery reflects professional experience and training. Regarding subject mastery, this booklet contains a detail control system review, analysis, and evaluation process for IS audits; which can be translated, if practiced, into professional experience.

Information and associated technologies continue to advance toward diverse distributed configuration environments for entering, processing, storing, and retrieving data. The magnitude of changes occurring can be clearly seen in the explosion of linked IT infrastructures connected to cloud computing service providers and mobile computing devices. Consequently, the impact of such decentralization has increased the need for effective safeguarding of information assets.Foundationally p...

IS audit area testing mastery reflects professional experience and training. Regarding subject mastery, this booklet presents methods and techniques available for testing computer programs, files, and information systems; which can be translated, if practiced, into professional experience. Chronologically, this monograph describes required audit steps performed during an audit area assignment.

IS audit area reporting mastery reflects professional experience and training. Regarding subject mastery, this booklet presents finding form analysis, draft report writing and presentation; which can be translated, if practiced, into professional experience. Chronologically, this monograph describes required audit steps performed during an audit area assignment.

This first edition of Information Systems Auditing: The IS Audit Follow-up Process is part of an electronic booklets series providing comprehensive IS audit planning, study, evaluation, testing, and reporting methods. In terms of content, these monographs convert selected audit standards into practical applications using detailed examples. These monographs also allow auditors to understand various steps and processes required to adequately initiate, document, and compile IT audit phases. M...