IT Auditing: Using Controls to Protect Information Assets

About this book

Protect Your Systems with Proven IT Auditing Strategies "A must-have for auditors and IT professionals." -Doug Dexter CISSP-ISSMP CISA Audit Team Lead Cisco Systems Inc. Plan for and manage an effective IT audit program using the in-depth information contained in this comprehensive resource. Written by experienced IT audit and security professionals IT Auditing: Using Controls to Protect Information Assets covers the latest auditing tools alongside real-world examples ready-to-use checklists and valuable templates. Inside youll learn how to analyze Windows UNIX and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus youll get up-to-date information on legal standards and practices privacy and ethical issues and the CobiT standard. Build and maintain an IT audit function with maximum effectiveness and value Implement best practice IT audit processes and controls Analyze UNIX- Linux- and Windows-based operating systems Audit network routers switches firewalls WLANs and mobile devices Evaluate entity-level controls data centers and disaster recovery plans Examine Web servers platforms and applications for vulnerabilities Review databases for critical controls Use the COSO CobiT ITIL ISO and NSA INFOSEC methodologies Implement sound risk analysis and risk management practices Drill down into applications to find potential control weaknesses