Fourteen primarily Spanish information systems (IS) specialists have contributed chapters that examine a variety of issues revolving around auditing and control in information technology (IT) areas such as databases, security, maintenance, quality, and communications. Chapters include discussions of the basic concepts of IS auditing, function point metric auditing, and the legal aspects of IT auditing. Annotation c. Book News, Inc., Portland, OR (booknews.com)
Society's growing dependence on information technology for survival has elevated the importance of controlling and evaluating information systems. A sound plan for auditing information systems and the technology that supports them is a necessity for organizations to improve the IS benefits and allow the organization to manage the risks associated with technology. Auditing Information Systems gives a global vision of auditing and control, exposing the major techniques and methods. It provides guidelines for auditing the crucial areas of IT--databases, security, maintenance, quality, and communications.
Preface i Basic Concepts of Information Systems Auditing 1(24) Rafael Rodriguez Adoption and Usage Patterns of a Framework for IT Control and Audit 25(13) Jane Fedorowicz Ulric J. Gelinas ICT Security Auditing 38(29) Arturo Ribagorda Jose M. Sierra Audit of Software Maintenance Process 67(42) Francisco Ruiz Mario Piattini Macario Polo Coral Calero Auditing Data Warehouses 109(39) Jose Antonio Rodero Mario Piattini Information Technology Audit: Legal Aspects 148(19) Miguel Angel Davara Framing Database Audit of ISO/IEC 12207 Software Life Cycle Processes 167(22) Juan Garbajosa Pedro Pablo Alarcon Auditing Quality is Quality Auditing 189(27) Bart van Lodensteijin Function Point Metric Auditing 216(19) Jose Luis Lucero About the Authors 235(7) Index 242
Mario Piattini has an MSc and a PhD in computer science (Politechnical University of Madrid) and a MSc in Psychology (UNED). He is also a certified information system auditor and a certified information system manager by ISACA (Information System Audit and Control Association) as well as a full professor in the Department of Computer Science at the University of Castilla-La Mancha (Ciudad Real, Spain). Furthermore, he is the author of several books and papers on databases, software engineering, and information systems. He is a co-editor of several international books including Advanced Databases Technology and Design (2000, Artech House, UK), Information and database quality (2002, Kluwer Academic Publishers, Norwell, USA), Component-based software quality: methods and techniques (2004, Springer, Germany), and Conceptual Software Metrics (Imperial College Press, UK, 2005). He leads the ALARCOS research group of the Department of Computer Science at the University of Castilla-La Mancha (Ciudad Real, Spain). His research interests include advanced databases, database quality, software metrics, security and audit, and software maintenance.
