IT Auditing Using Controls to Protect Information Assets, Third Edition

I read most of it. It contains a lot of checklists and briefly goes over standards. You can find the standards on the web. I knew some of the material contained within it from a couple other courses. Thus, I know it is comprehensive.

Certainly not impressed with the contents of this. It seemed quite generic and meaningless contents. Good for a text book for school, I suppose

Hard to read and scroll

"IT Auditing Using Controls to Protect Information Assets", Third Edition by Mike Kegerreis et al. is a omprehensive IT Audit resource on the mechanics of auditing EDP controls, application controls, system controls, cyberseurity,, disaster recovery planning and testing, the communications network and IT hiring.The auditor interrelationships are explained too. These include the IT audit function, the board of directors, the auditee, IT management and outside entities including contractors,vendor support and public accounting firms in companies under SEC supervision.The authors explain that the IT Audit function may consist of hirees from college (i.e. MIS majors),DP professionals and even IT licensed auditors.IT auditors examine audit entry level controls,cybersecurity,data center audits,disaster recovery planning and testing,physical access,environmental controls(heat,power,light and air conditioning), the power grid and UPS,backup and restoration,network audit controls,firewalls and much more.IT auditors may examine windows protocols,malware detection,the audits of data repositories and project management.Specialized applications audits may be performed during all phases of new system development from conceptual formulation to system design,testing,parallel,implementation and any customizations to the vanilla version of the new system.The IT auditor may establish partnerships with the IT department in areas like new system deployment,a new disaster recovery plan,testing the disaster recovery plan and installing a new operating system or major customizations to an existing OS.Overall,"IT Auditing Using Controls to Protect Information Assets", Third Edition by Mike Kegerreis et al. is a comprehensive and easy to understand treatise on IT auditing.This book should be in every collegiate MIS program and in the possession of every IT auditor and IT licensed professional.Most importantly, the authors explain the human relations dimensions of IT auditing and practical ways to approach the audit and auditee.

IT Auditing provides a systematic and straight forward approach to performing a comprehensive audit to ensure the security of digital assets and data. With included templates, checklists and breakdowns of the latest technology, IT Auditing 3rd Edition is the most comprehensive resource I've seen. I highly recommend it.