CITATION

Davis, Chris; Schiller, Mike; and Wheeler, Kevin. IT Auditing Using Controls to Protect Information Assets, 2nd Edition. US: McGraw-Hill Osborne Media, 2011.

IT Auditing Using Controls to Protect Information Assets, 2nd Edition

Published: January 2011

eISBN: 9780071742399 0071742395 | ISBN: 9780071742382

Book description:

Secure Your Systems Using the Latest IT Auditing Techniques

Fully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Second Edition, explains, step by step, how to implement a successful, enterprise-wide IT audit program. New chapters on auditing cloud computing, outsourced operations, virtualization, and storage are included. This comprehensive guide describes how to assemble an effective IT audit team and maximize the value of the IT audit function. In-depth details on performing specific audits are accompanied by real-world examples, ready-to-use checklists, and valuable templates. Standards, frameworks, regulations, and risk management techniques are also covered in this definitive resource.

  • Build and maintain an internal IT audit function with maximum effectiveness and value

  • Audit entity-level controls, data centers, and disaster recovery

  • Examine switches, routers, and firewalls

  • Evaluate Windows, UNIX, and Linux operating systems

  • Audit Web servers and applications

  • Analyze databases and storage solutions

  • Assess WLAN and mobile devices

  • Audit virtualized environments

  • Evaluate risks associated with cloud computing and outsourced operations

  • Drill down into applications to find potential control weaknesses

  • Use standards and frameworks, such as COBIT, ITIL, and ISO

  • Understand regulations, including Sarbanes-Oxley, HIPAA, and PCI

  • Implement proven risk management practices

Chris Davis, CISA, CISSP, CCNP, served as a senior IT auditor for Texas Instruments. He teaches auditing and certification curriculum for Southern Methodist University and is the coauthor of Hacking Exposed: Computer Forensics and Anti-Hacker Toolkit.

Mike Schiller, CISA, has 15 years of experience in the IT audit field, most recently as the worldwide IT Audit Manager at Texas Instruments. He teaches IT auditing courses at Southern Methodist University and is a frequent speaker at IT audit and IT security conferences such as CACS and InfoSec World.

Kevin Wheeler, CISSP, CISA, NSA IAM/IEM, is the Founder and CEO of InfoDefense, an information security consultancy. He has worked with Bank of America, EDS, McAfee, and the State of Texas.
