IT Audit, Control, and Security

  • 16h 15m
  • Robert R. Moeller
  • John Wiley & Sons (US)
  • 2010

When it comes to computer security, the role of auditors today has never been more crucial. Auditors must ensure that all computers, in particular those dealing with e-business, are secure. The only source for information on the combined areas of computer audit, control, and security, IT Audit, Control, and Security describes the types of internal controls, security, and integrity procedures that management must build into its automated systems. This very timely book provides auditors with the guidance they need to ensure that their systems are secure from both internal and external threats.

About the Author

Robert R. Moeller (Evanston, IL), CPA, CISA, PMP, CISSP, is the founder of Compliance and Control Systems Associates, a consulting firm that specialized in internal audit and project management with a strong understanding of information systems, corporate governance and security. He has over 30 years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. He held positions with Grant Thornton (National Director of Computer Auditing) and Sears Roebuck (Audit Director). A frequently published author and professional speaker, Moeller provides insights into many of the new rules impacting internal auditors today as well as the challenges audit committees face when dealing with Sarbanes-Oxley, internal controls, and their internal auditors. Moeller is the former president of the Institute of Internal Auditors' Chicago chapter and has served on the IIA's International Advanced Technology Committee. He is also the former chair of the AICPA's Computer Audit Subcommittee.

In this Book

  • SOx and the COSO Internal Controls Framework
  • Using Cobit to Perform IT Audits
  • IIA and ISACA Standards for the Professional Practice of Internal Auditing
  • Understanding Risk Management through COSO ERM
  • Performing Effective IT Audits
  • General Controls in Today's IT Environments
  • Infrastructure Controls and ITIL Service Management Best Practices
  • Systems Software and IT Operations General Controls
  • Evolving Control Issues: Wireless Networks, Cloud Computing, and Virtualization
  • Selecting, Testing, and Auditing IT Applications
  • Software Engineering and CMMi
  • Auditing Service-Oriented Architectures and Record Management Processes
  • Computer-Assisted Audit Tools and Techniques
  • Continuous Assurance Auditing, OLAP, and XBRL
  • IT Controls and the Audit Committee
  • Val IT, Portfolio Management, and Project Management
  • Compliance with IT-Related Laws and Regulations
  • Understanding and Reviewing Compliance with ISO Standards
  • Controls to Establish an Effective IT Security Environment
  • Cybersecurity and Privacy Controls
  • IT Fraud Detection and Prevention
  • Identity and Access Management
  • Establishing Effective IT Disaster Recovery Processes
  • Electronic Archiving and Data Retention
  • Business Continuity Management, BS 25999, and ISO 27001
  • Auditing Telecommunications and IT Communications Networks
  • Change and Patch Management Controls
  • Six Sigma and Lean Technologies
  • Building an Effective IT Internal Audit Function
  • Professional Certifications: CISA, CIA, and More
  • Quality Assurance Auditing and ASQ Standards

