Information Technology Control and Audit, Second Edition ND LANs

Information Technology Control and Audit, Second Edition is an excellent introductory textbook for IT auditing. It covers a wide range of topics in the field including the audit process, the legal environment of IT auditing, security and privacy, and much more.

This textbook first examines the foundation of IT audit and control, discussing what IT auditing involves and the guidance provided by organizations in dealing with control and auditability issues. It then analyzes the process of audit and review, explores IT governance and control, and discusses the CobiT framework and steps that align IT decisions with business strategy. This volume examines project management processes that ensure that projects are controlled from inception through integration.

It continues by addressing auditing IT acquisition and implementation, describing risks and controls as related to the life cycle of application systems. It highlights the purchase and installation of new systems, as well as change management. The next section examines the auditing of IT operations in both standalone and global environments, covering types of IT operation, issues related to specific platforms, risk and control assessment, and audit methods and support tools.

The textbook concludes with a review of emerging issues, providing undergraduate and graduate students with a thorough overview of a topic critical to organizational security and integrity.

Gallegos (California State Polytechnic University) offers an introductory reference for beginning IT auditors, explaining foundation concepts of IT audit and control, analyzing the process of audit and review, exploring IT governance and control, discussing the steps that align IT decisions with business strategy, and outlining project management processes. IT acquisition and implementation, the auditing of IT operations in both standalone and global environments, and emerging issues are also addressed. Learning features include chapter summaries, review questions, quizes, and exercises. The book is distributed by CRC.
Annotation ©2004 Book News, Inc., Portland, OR (booknews.com)

This text provides an introduction to IT auditing, covering topics such as the audit process, the legal environment of IT auditing, security and privacy, and more. Includes review questions, chapter exercises, answers, and references.