Introduction
Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors
Importance of Effective Internal Controls and COSO COSO Internal Control Systems Monitoring Guidance Sarbanes-Oxley Act
Wrapping It Up: COSO Internal Controls and SOx Notes
Using CobiT to Perform IT Audits Introduction to CobiT
CobiT Framework
Using CobiT to Assess Internal Controls Using CobiT in a SOx Environment CobiT Assurance Framework Guidance CobiT in Perspective
Notes
IIA and ISACA Standards for the Professional Practice of Internal Auditing Internal Auditing's International Professional Practice Standards
Content of the IPPF and the IIA International Standards Strongly Recommended IIA Standards Guidance ISACA IT Auditing Standards Overview
Codes of Ethics: The IIA and ISACA Notes
Understanding Risk Management Through COSO ERM Risk Management Fundamentals
Quantitative Risk Analysis Techniques
IIA and ISACA Risk Management Internal Audit Guidance COSO ERM: Enterprise Risk Management
IT Audit Risk and COSO ERM Notes
Performing Effective IT Audits
IT Audit and the Enterprise Internal Audit Function Organizing and Planning IT Audits
Developing and Preparing Audit Programs Gathering Audit Evidence and Testing Results Workpapers and Reporting IT Audit Results Preparing Effective IT Audits
Notes
Auditing IT General Controls
Importance of IT General Controls IT Governance General Controls IT Management General Controls
IT Technical Environment General Controls Notes
Infrastructure Controls and ITIL Service Management Best Practices ITIL Service Management Best Practices
ITIL's Service Strategies Component ITIL Service Design
ITIL Service Transition Management Processes ITIL Service Operation Processes
Service Delivery Best Practices Auditing IT Infrastructure Management Notes
Systems Software and IT Operations General Controls IT Operating System Fundamentals
Features of a Computer Operating System Other Systems Software Tools
Notes
Evolving Control Issues: Wireless Networks, Cloud Computing, and Virtualization Understanding and Auditing IT Wireless Networks
Understanding Cloud Computing Storage Management Virtualization Notes
Auditing and Testing IT Application Controls Selecting, Testing, and Auditing IT Applications IT Application Control Elements
Selecting Applications for IT Audit Reviews
Performing an Applications Controls Review: Preliminary Steps Completing the IT Applications Controls Audit
Application Review Case Study: Client-Server Budgeting System Auditing Applications Under Development
Importance of Reviewing IT Application Controls Notes
Software Engineering and CMMi Software Engineering Concepts
CMMi: Capability Maturity Model for Integration CMMi Benefits
IT Audit, Internal Control, and CMMi Notes
Service-Oriented Computing and Service-Driven Applications IT Auditing in SOA Environments
Electronic Records Management Internal Control Issues and Risks IT Audits of Electronic Records Management Processes
Notes
Computer-Assisted Audit Tools and Techniques
Understanding Computer-Assisted Audit Tools and Techniques Determining the Need for CAATTs
CAATT Software Tools
Steps to Building Effective CAATTs
Importance of CAATTs for Audit Evidence Gathering Notes
Continuous Assurance Auditing, OLAP and XBRL Implementing Continuous Assurance Auditing Benefits of Continuous Assurance Auditing Tools Data Warehouses, Data Mining, and OLAP
XBRL: The Internet-Based Extensible Marking Language Newer Technologies, the Continuous Close, and IT Audit Notes
Importance of IT Governance IT Controls and the Audit Committee Role of the Audit Committee for IT Auditors
Audit Committee Approval of Internal Audit Plans and Budgets Audit Committee Briefings on IT Audit Issues
Audit Committee Review and Action on Significant IT Audit Findings IT Audit and the Audit Committee
Val IT, Portfolio Management, and Project Management Val IT: Enhancing the Value of IT Investments
IT Systems Portfolio and Program Management Project Management for IT Auditors
Notes
Compliance with IT-Related Laws and Regulations Computer Fraud and Abuse Act
Computer Security Act of 1987 Gramm - Leach - Bliley Act
HIPAA: Healthcare and Much More
Other Personal Privacy and Security Legislative Requirements IT-Related Laws, Regulations, and Audit Standards
Understanding and Reviewing Compliance with ISO Standards
Background and Importance of ISO Standards in a Global Commerce World ISO Standards Overview
ISO 19011 Quality Management Systems Auditing ISO Standards and IT Auditors
Notes
IT Security Environment Controls Generally Accepted Security Standards Effective IT Perimeter Security
Establishing an Effective, Enterprise-Wide Security Strategy Best Practices for IT Audit and Security
Notes
Cyber-Security and Privacy Controls IT Network Security Fundamentals IT Systems Privacy Concerns PCI-DSS Fundamentals
Auditing IT Security and Privacy
Security and Privacy in the IT Audit Department Notes
IT Fraud Detection and Prevention
Understanding and Recognizing Fraud in an IT Environment Red Flags: Fraud Detection Signs for IT and other Internal Auditors Public Accounting's Role in Fraud Detection
IIA Standards and ISACA Materials for Detecting and Investigating Fraud IT Audit Fraud Risk Assessments
IT Audit Fraud Investigations IT Fraud Prevention Processes Fraud Detection and the IT Auditor Notes
Identity and Access Management
Importance of Identity and Access Management Identity Management Processes
Separation of Duties Identity Management Controls Access Management Provisioning
Authentication and Authorization
Auditing Identity and Access Management Processes Notes
Establishing Effective IT Disaster Recovery Processes IT Disaster and Business Continuity Planning Today Building and Auditing an IT Disaster Recovery Plan Building the IT Disaster Recovery Plan
Disaster Recovery Planning and Service Level Agreements
Newer Disaster Recovery Plan Technologies: Data Mirroring Techniques Auditing Business Continuity Plans
Disaster Recovery and Business Continuity Planning Going Forward Notes
Electronic Archiving and Data Retention
Elements of a Successful Electronic Records Management Process Electronic Documentation Standards
Implementing Electronic IT Data Archiving
Auditing Electronic Document Retention and Archival Processes Notes
Business Continuity Management and BS 25999
IT Business Continuity Management Planning Needs Today BS 25999 Good Practice Guidelines
Auditing BCM Processes
Linking the BCM with Other Standards and Processes Notes
Auditing Telecommunications and IT Communications Networks Network Security Concepts
Effective IT Network Security Controls Auditing a VPN Installation
Notes
Change and Patch Management Controls IT Change Management Processes
Auditing IT Change and Patch Management Controls Notes
Six Sigma and Lean Technologies Six Sigma Background and Concepts Implementing Six Sigma
Lean Six Sigma Notes
Building an Effective IT Internal Audit Function Establishing an IT Internal Audit Function
Internal Audit Charter: An Important IT Audit Authorization Role of the Chief Audit Executive
IT Audit Specialists
IT Audit Managers and Supervisors
Internal and IT Audit Policies and Procedures Organizing an Effective IT Audit Function Importance of a Strong IT Audit Function Notes
Professional Certifications: CISA, CIA, and More Certified Information Systems Auditor Credentials Certified Information Security Manager Credentials
Certificate in the Governance of Enterprise IT
Certified Internal Auditor Responsibilities and Requirements Beyond the CIA: Other IIA Certifications
CISSP Information Systems Security Professional Certification Certified Fraud Examiner Certification
ASQ Internal Audit Certifications Other Internal Auditor Certifications Notes
Quality Assurance Auditing and ASQ Standards Duties and Responsibilities of Quality Auditors Role of the Quality Auditor
Performing ASQ Quality Audits
Quality Assurance Reviews of IT Audit Functions Future Directions for Quality Assurance Auditing Notes
About the Author Index