
Auditing Information Systems and Controls: The Only Thing Worse Than No Control Is the Illusion of Control [Hardback]

  • Format: Hardback, 238 pages, height x width x thickness: 229x152x18 mm, weight: 503 g
  • Publication date: 22-Jun-2007
  • Publisher: Xlibris Us
  • ISBN-10: 1425763405
  • ISBN-13: 9781425763404
Preface
What This Book Covers
This Book's Target Audience
How to Use This Book

Part 1: Sarbanes Oxley and Regulatory Agencies

Sarbanes Oxley Highlights
  • Introduction
  • Background
  • Section 302
  • Section 404
  • Other SOX Standards
  • Summary

Regulatory Agencies and Control Frameworks
  • Introduction
  • SEC
  • ISACA
  • Foreign Corrupt Practices Act
  • AICPA (Cohen Commission)
  • COSO
  • COBIT
  • AICPA (Jenkins Committee)
  • COSO Fraud Report
  • POB Report on Audit Effectiveness
  • SOX Highlights
  • Audit Standard #2
  • Basel II Accord
  • Summary

Part 2: Controls and IT Infrastructure

Controls Overview
  • Introduction
  • Importance of Controls
  • Control Benefits
  • Control Axioms
  • Principles of Control
  • Summary

Control Definitions
  • Introduction
  • Control Types
  • Separation of Duties
  • Summary

Establishment of a Sound IT Control Infrastructure
  • Introduction
  • Board of Directors
  • The Audit Committee
  • The CGO
  • Audit Readiness Program
  • Audit Teams
  • Organization Chart
  • Summary

Proactive IT Control Activities
  • Introduction
  • Self-Assessments
  • Peer Reviews
  • Internal Audits
  • Process Documentation
  • Procedures
  • Independent External Assessments
  • Summary

Assessment of IT Controls and Evaluation of Effectiveness
  • Introduction
  • Validate and Record Issues
  • Risk Assessments
  • Establish Corrective Action Plans
  • Remediation Testing
  • Review with Audit Committee
  • Assessment of Control Posture
  • Risk Assessments on SOX Recommendations
  • Executive Appraisals
  • Summary

Part 3: The Audit Process

Internal Audit Process
  • Introduction
  • Kickoff meetings
  • Requests
  • Interviews
  • Findings
  • Status Meetings
  • Recommendations
  • Final Report
  • Final Audit Report Distribution
  • Final Audit Report Response
  • Summary

Sarbanes Oxley Audit Process
  • Introduction
  • Separation of Duties
  • SOX 404 Requirements
  • Similarities to Traditional Audit Process
  • Differences with Traditional Audit Processes
  • Summary

Part 4: Audit Activities

Development/Maintenance Methodology and Project Management
  • Introduction
  • SEI
  • Work Management Methodology
  • Metrics
  • Quality Management
  • Project Risk Management
  • Summary

Production Change Management
  • Introduction
  • Work Authorizations
  • Testing
  • Issues Management
  • Library Control
  • Code Migration
  • Summary

Application Controls
  • Introduction
  • Application Ownership
  • Application Documentation
  • Input Controls/Output Controls/Interface Controls
  • Balancing/Reconciliation
  • Processing Controls
  • Backup & Restart Procedures
  • Application Access Controls
  • Data Classification Controls
  • Application Monitoring
  • Service Level Agreements
  • Summary

Operational Controls
  • Introduction
  • Security Responsibilities
  • Logical Controls
  • Physical Controls
  • Business Continuity
  • Summary

Part 5: New Challenges

Spreadsheets
  • Introduction
  • Background
  • Potential Risks
  • Proactive Measures
  • Summary

Outsourcing IT Controls (SAS70)
  • Introduction
  • SAS70 Background
  • Types of SAS70 Reports
  • SAS70 Report Conclusion
  • Benefits of a SAS70 Report
  • SAS70 Process
  • The Decision for a SAS70 report
  • Timing of the SAS70 Audit
  • Difference between a SAS70 Audit and a Traditional Audit
  • Effect of SAS70 on Outsourcing
  • Summary