Auditing IT Infrastructures for Compliance, Third Edition

  • 8h 49m
  • Marty Weiss, Michael G. Solomon, Robert Johnson
  • Jones and Bartlett Learning
  • 2023

The third edition of Auditing IT Infrastructures for Compliance provides a unique, in-depth look at recent U.S.-based information systems and IT infrastructure compliance laws in both the public and private sectors. Written by industry experts, this book provides a comprehensive explanation of how to audit IT infrastructures for compliance based on the laws and the need to protect and secure business and consumer privacy data. Using examples and exercises, this book incorporates hands-on activities to prepare readers to skillfully complete IT compliance auditing.

Features and Benefits

  • Covers the latest laws and regulations from FISMA, DoD, and GDPR
  • Covers the latest standards, including COBIT, SANS, ISACA, ISO/IEC 27001, ITIL, and CRMA
  • Additional coverage of real-world examples, ethics, comparisons to IT auditing in non-US countries, and IT auditing across different industries
  • New coverage on auditing cloud infrastructure
  • Revised to reflect the remote landscape since 2020, including new threats and procedures to improve remote access security

About the Author

Robert Johnson - CISSP, CISA, CISM, CGEIT, and CRISC

Robert Johnson (CISA, CGEIT, CISM, CISSP) has 20 years of experience dealing with all aspects of information security, IT audit, risk management, and privacy compliance. His diverse background includes hands-on operational experience as well as providing strategic risk assessment and scoring for leadership and board-level audiences. Currently he works in the security risk management division of a large financial services insurance company. Previously he worked as a first vice president and IT audit and security advisory director at Washington Mutual (JP Morgan Chase).

Marty Weiss - Director Cloud Sales Engineering, Symantec

Martin Weiss is a manager of information security gurus at RSA, The Security Division of EMC, which helps organizations accelerate their business by solving their most complex and sensitive security challenges. He is also on the board of directors for the Connecticut chapter of ISSA and has written several books. He holds a number of certifications, including Security+, CISSP, MCSE: Security, and RSA CSE. Marty received his MBA from the Isenberg School of Management at the University of Massachusetts and currently lives in New England with his wife and three sons.

Michael G. Solomon, PhD, CISSP, PMP, CISM - Professor, University of the Cumberlands

Michael G. Solomon, PhD, CISSP, PMP, CISM, CySA+, Pentest+, is an author, educator, and consultant focusing on privacy, security, blockchain, and identity management. As an IT professional and consultant since 1987, Dr. Solomon has led project teams for many Fortune 500 companies and has authored and contributed to more than 30 books and numerous training courses. Dr. Solomon is a Professo

In this Book

  • The Need for Information Systems Compliance
  • Overview of U.S. Compliance Laws
  • What Is the Scope of an IT Compliance Audit?
  • Auditing Standards and Frameworks
  • Planning an IT Infrastructure Audit for Compliance
  • Conducting an IT Infrastructure Audit for Compliance
  • Writing the IT Infrastructure Audit Report
  • Compliance Within the User Domain
  • Compliance Within the Workstation Domain
  • Compliance Within the LAN Domain
  • Compliance Within the LAN-to-WAN Domain
  • Compliance Within the WAN Domain
  • Compliance Within the Remote Access Domain
  • Compliance Within the System/Application Domain
  • Ethics, Education, and Certification for IT Auditors
  • References

