IT Auditing Using Controls to Protect Information Assets, 2nd Edition

Secure Your Systems Using the Latest IT Auditing TechniquesFully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Second Edition, explains, step by step, how to implement a successful, enterprise-wide IT audit program. New chapters on auditing cloud computing, outsourced operations, virtualization, and storage are included. This comprehensive guide describes how to assemble an effective IT audit team and maximize the value of the IT audit function. In-depth details on performing specific audits are accompanied by real-world examples, ready-to-use checklists, and valuable templates. Standards, frameworks, regulations, and risk management techniques are also covered in this definitive resource. Build and maintain an internal IT audit function with maximum effectiveness and valueAudit entity-level controls, data centers, and disaster recoveryExamine switches, routers, and firewallsEvaluate Windows, UNIX, and Linux operating systemsAudit Web servers and applicationsAnalyze databases and storage solutionsAssess WLAN and mobile devicesAudit virtualized environmentsEvaluate risks associated with cloud computing and outsourced operationsDrill down into applications to find potential control weaknessesUse standards and frameworks, such as COBIT, ITIL, and ISOUnderstand regulations, including Sarbanes-Oxley, HIPAA, and PCIImplement proven risk management practices