Stephen D. Gantz
Copyright
Acquiring Editor: Steve Elliot
Editorial Project Manager: Benjamin Rearick
Project Manager: Malathi Samayan
Designer: Matthew Limbert
Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA
© 2014 Elsevier Inc. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.
This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.
Library of Congress Cataloging-in-Publication Data
Gantz, Stephen D.
The basics of IT audit: purposes, processes, and practical information / Stephen D. Gantz.
pages cm
Includes bibliographical references and index.
ISBN 978-0-12-417159-6 (pbk.)
1. Information technology--Auditing. 2. Computer security. 3. Computer networks--Security measures. I. Title.
T58.5.G37 2013
004.068'1--dc23
2013036148
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library
For information on all Syngress publications, visit our website at store.elsevier.com/Syngress
ISBN: 978-0-12-417159-6
Printed and bound in the United States of America
14 15 16 13 12 11 10 9 8 7 6 5 4 3 2 1
Dedication
Dedicated to my wife Rene, my son Henry, and my daughters Claire and Gillian, without whose support and forbearance I would not have been able to devote the necessary time and energy to this project.
Acknowledgments
I would like to acknowledge the very capable support provided by members of the Syngress/Elsevier team in bringing this project to completion, particularly including Steve Elliot and Ben Rearick. Thanks also go to Steven Maske for his helpful feedback, comments, and technical edits on this book. I am also grateful for the guidance and constructive criticism on my writing provided by Dr. Thomas Mierzwa, who served as my dissertation adviser as I completed my doctorate in management shortly before beginning work on this book.
Work in information technology (IT) characterizes my entire career: as a consultant, as a software and security architect, and as an educator and author. I appreciate the many professional opportunities I have received during that time, including my initial exposure to fraud detection and forensic investigation from Malcolm Sparrow more than 15 years ago and subsequent experience in IT auditing and information security since that time. I have been fortunate to work for many managers and executives who have encouraged my continued career development and self-directed projects and writing initiatives. I am especially grateful for the leadership and support of my current management team, including Michele Kang, Davis Foster, Aaron Daniels, Tom Stepka, and Sean Gallagher, who collectively helped in providing a dynamic and engaging work environment and the opportunity to challenge myself on many types of internal and client-facing projects.
About the Author
Dr. Stephen D. Gantz (CISSP-ISSAP, CEH, CGEIT, CRISC, CIPP/G, C|CISO) is an information security and information technology (IT) consultant with over 20 years of experience in security and privacy management, enterprise architecture, systems development and integration, and strategic planning. He currently holds an executive position with a health information technology services firm primarily serving federal and state government customers. He is also an associate professor of Information Assurance in the Graduate School at University of Maryland University College (UMUC) and an adjunct lecturer in the Health Information Technology program of the Catholic University of America's School of Library and Information Science. He maintains a security-focused web site and blog at http://www.securityarchitecture.com.
His security and privacy expertise spans program management, security architecture, policy development and enforcement, risk assessment, and regulatory compliance with major legislation such as FISMA, HIPAA, and the Privacy Act. His industry experience includes health, financial services, higher education, consumer products, and manufacturing, but since 2000 his work has focused on security and other information resources management functions in state and federal government agencies and in private sector industries responsible for critical infrastructure. He holds a Doctor of Management degree from UMUC, where his dissertation focused on trust and distrust in inter-organizational networks, alliances, and other cooperative relationships. He also earned a master's degree in public policy from the Kennedy School of Government at Harvard University and a bachelor's degree from Harvard. He currently resides in Arlington, Virginia with his wife Rene and children Henry, Claire, and Gillian.
About the Technical Editor
Steven Maske (CISA, CISSP) is an information security professional with over 12 years in the information technology (IT) industry. As the lead security engineer for a Fortune 1000 company he designs, develops, and tests information security solutions and establishes policies, procedures, and controls to ensure regulatory compliance. He is responsible for identifying and managing risks and overseeing IT projects and strategic initiatives. He has previous experience as a consultant where he performed over 150 vulnerability assessments, penetration tests, and IT audits.
He is an active member of the security community and can be found on Twitter as @ITSecurity or via his blog, http://SecurityRamblings.com.