Alaska Now is an update to James Michener's classic saga. Lovely Native Corporation CEO and talented son of oil executive team up to save the National Petroleum Reserve,..
“IT Auditing: Assuring Information Assets Protection” provides a proven approach to assessing IT security frameworks, architectures, methods, and techniques. This publication converts selected audit standards and guidelines into practical applications using detailed examples and vivid graphics - including definitions of over 140 acronyms helpful in providing assurance services. This publication also allows auditors and security professionals to understand various steps and processes required to adequately initiate, document, and compile information assets protection audit or review phases.
The value of most organizations today is in the invisible information assets that provide key knowledge necessary to succeed in conducting business. Many of these information assets are digital.
Unlike physical assets, information assets can not be seen or touched directly. Furthermore, unlike physical assets, information assets can be more easily damaged or destroyed accidentally or on purpose by persons in the computer room, in the organization, or an unknown person half way around the world. The nature of these information assets requires extremely close scrutiny.
“IT Auditing: Assuring Information Assets Protection” provides a proven approach to assessing IT security frameworks, architectures, methods, and techniques. This publication converts selected audit standards and guidelines into practical applications using detailed examples and vivid graphics - including definitions of over 140 acronyms helpful in providing assurance services. This publication also allows auditors and security professionals to understand various steps and processes required to adequately initiate, document, and compile information assets protection audit or review phases.
This two-hundred-sixty-five page (8.5 wide by 11 length) publication provides auditors and security professionals with an appreciation for the complexities associated with assuring information assets protection and list numerous references for further in-depth information.
“IT Auditing: Assuring Information Assets Protection” can function as a study guide for CISA or CISM examination preparation as well as an audit or security practice reference manual.
Feedback from an on-site version of this training includes:
"[The] Risk Based IT Audit Course provided a comprehensive understanding for both IT Auditors & IT Management in identifying risks & the risk of mitigating actions for them"
- President & CEO from Pentathlon Systems Resources Inc.
Hardcover Edition - Lulu.com
Excerpt
Chapter 6
“IAP audit or review risk assessments should take into consideration the life cycle phase being examined (e.g. pre-implementation (design), implementation, or post-implementation (operational) stage). However, specific to an IT IAP audit or review, the planning risk assessment should include categories for addressing logical access controls, network infrastructure security, risk analysis, environmental controls, physical access controls, and confidential information assets (Appendix A).
When performing risk-based assurance engagements, IT auditors should consider training and awareness for each auditable unit category at the detail risk assessment level; while maintaining a separate classification for this subcategorized item at the audit-plan-auditable-unit-level for working papers, if this item is within the audit or review ambit.”
Chapter 1 Knowledge Check Answer
"Explanation: The purchasing agent has a conflict because they appear to lack objectivity. Ethics codes require that even the appearance of impropriety be avoided. Consequently, the agent should not have participated in the decision, however scrupulous their actions may have been. Therefore, yes, the presence of dual interest is sufficient to impugn the arrangement is the correct answer."
Both reviled and ignored in her lifetime, because she -- a woman -- dared to defy the literary establishment, Rosalia de Castro has now supplanted all the men and women (..
Bookmarks
