Index
Cover
Series
Title Page
Copyright
Dedication
Preface
CONTROLS IN MODERN COMPUTER SYSTEMS
OVERALL FRAMEWORK
Part I: IT Audit Process
Chapter 1: Technology and Audit
TECHNOLOGY AND AUDIT
BATCH AND ONLINE SYSTEMS
ELECTRONIC DATA INTERCHANGE
ELECTRONIC BUSINESS
CLOUD COMPUTING
Chapter 2: IT Audit Function Knowledge
INFORMATION TECHNOLOGY AUDITING
WHAT IS MANAGEMENT?
MANAGEMENT PROCESS
UNDERSTANDING THE ORGANIZATION’S BUSINESS
ESTABLISHING THE NEEDS
IDENTIFYING KEY ACTIVITIES
ESTABLISH PERFORMANCE OBJECTIVES
DECIDE THE CONTROL STRATEGIES
IMPLEMENT AND MONITOR THE CONTROLS
EXECUTIVE MANAGEMENT’S RESPONSIBILITY AND CORPORATE GOVERNANCE
AUDIT ROLE
CONCEPTUAL FOUNDATION
PROFESSIONALISM WITHIN THE IT AUDITING FUNCTION
RELATIONSHIP OF INTERNAL IT AUDIT TO THE EXTERNAL AUDITOR
RELATIONSHIP OF IT AUDIT TO OTHER COMPANY AUDIT ACTIVITIES
AUDIT CHARTER
CHARTER CONTENT
OUTSOURCING THE IT AUDIT ACTIVITY
REGULATION, CONTROL, AND STANDARDS
Chapter 3: IT Risk and Fundamental Auditing Concepts
COMPUTER RISKS AND EXPOSURES
EFFECT OF RISK
AUDIT AND RISK
AUDIT EVIDENCE
CONDUCTING AN IT RISK-ASSESSMENT PROCESS
NIST SP 800-30 FRAMEWORK
ISO 27005
THE “CASCARINO CUBE”
RELIABILITY OF AUDIT EVIDENCE
AUDIT EVIDENCE PROCEDURES
RESPONSIBILITIES FOR FRAUD DETECTION AND PREVENTION
NOTES
Chapter 4: Standards and Guidelines for IT Auditing
IIA STANDARDS
CODE OF ETHICS
ADVISORY
AIDS
STANDARDS FOR THE PROFESSIONAL PERFORMANCE OF INTERNAL AUDITING
ISACA STANDARDS
ISACA CODE OF ETHICS
COSO: INTERNAL CONTROL STANDARDS
BS 7799 AND ISO 17799: IT SECURITY
NIST
BSI BASELINES
NOTE
Chapter 5: Internal Controls Concepts Knowledge
INTERNAL CONTROLS
COST/BENEFIT CONSIDERATIONS
INTERNAL CONTROL OBJECTIVES
TYPES OF INTERNAL CONTROLS
SYSTEMS OF INTERNAL CONTROL
ELEMENTS OF INTERNAL CONTROL
MANUAL AND AUTOMATED SYSTEMS
CONTROL PROCEDURES
APPLICATION CONTROLS
CONTROL OBJECTIVES AND RISKS
GENERAL CONTROL OBJECTIVES
DATA AND TRANSACTIONS OBJECTIVES
PROGRAM CONTROL OBJECTIVES
CORPORATE IT GOVERNANCE
COSO AND INFORMATION TECHNOLOGY
GOVERNANCE FRAMEWORKS
NOTES
Chapter 6: Risk Management of the IT Function
NATURE OF RISK
RISK-ANALYSIS SOFTWARE
AUDITING IN GENERAL
ELEMENTS OF RISK ANALYSIS
DEFINING THE AUDIT UNIVERSE
COMPUTER SYSTEM THREATS
RISK MANAGEMENT
NOTES
Chapter 7: Audit Planning Process
BENEFITS OF AN AUDIT PLAN
STRUCTURE OF THE PLAN
TYPES OF AUDIT
Chapter 8: Audit Management
PLANNING
AUDIT MISSION
IT AUDIT MISSION
ORGANIZATION OF THE FUNCTION
STAFFING
IT AUDIT AS A SUPPORT FUNCTION
PLANNING
BUSINESS INFORMATION SYSTEMS
INTEGRATED IT AUDITOR VERSUS INTEGRATED IT AUDIT
AUDITEES AS PART OF THE AUDIT TEAM
APPLICATION AUDIT TOOLS
ADVANCED SYSTEMS
SPECIALIST AUDITOR
IT AUDIT QUALITY ASSURANCE
Chapter 9: Audit Evidence Process
AUDIT EVIDENCE
AUDIT EVIDENCE PROCEDURES
CRITERIA FOR SUCCESS
STATISTICAL SAMPLING
WHY SAMPLE?
JUDGMENTAL (OR NON-STATISTICAL) SAMPLING
STATISTICAL APPROACH
SAMPLING RISK
ASSESSING SAMPLING RISK
PLANNING A SAMPLING APPLICATION
CALCULATING SAMPLE SIZE
QUANTITATIVE METHODS
PROJECT-SCHEDULING TECHNIQUES
SIMULATIONS
COMPUTER-ASSISTED AUDIT SOLUTIONS
GENERALIZED AUDIT SOFTWARE
APPLICATION AND INDUSTRY-RELATED AUDIT SOFTWARE
CUSTOMIZED AUDIT SOFTWARE
INFORMATION-RETRIEVAL SOFTWARE
UTILITIES
ON-LINE INQUIRY
CONVENTIONAL PROGRAMMING LANGUAGES
MICROCOMPUTER-BASED SOFTWARE
TEST TRANSACTION TECHNIQUES
Chapter 10: Audit Reporting Follow-up
AUDIT REPORTING
INTERIM REPORTING
CLOSING CONFERENCES
WRITTEN REPORTS
CLEAR WRITING TECHNIQUES
PREPARING TO WRITE
BASIC AUDIT REPORT
EXECUTIVE SUMMARY
DETAILED FINDINGS
POLISHING THE REPORT
DISTRIBUTING THE REPORT
FOLLOW-UP REPORTING
TYPES OF FOLLOW-UP ACTION
Part II: Information Technology Governance
Chapter 11: Management
IT INFRASTRUCTURES
PROJECT-BASED FUNCTIONS
QUALITY CONTROL
OPERATIONS AND PRODUCTION
TECHNICAL SERVICES
PERFORMANCE MEASUREMENT AND REPORTING
MEASUREMENT IMPLEMENTATION
NOTES
Chapter 12: Strategic Planning
STRATEGIC MANAGEMENT PROCESS
STRATEGIC DRIVERS
NEW AUDIT REVOLUTION
LEVERAGING IT
BUSINESS PROCESS RE-ENGINEERING MOTIVATION
IT AS AN ENABLER OF RE-ENGINEERING
DANGERS OF CHANGE
SYSTEM MODELS
INFORMATION RESOURCE MANAGEMENT
STRATEGIC PLANNING FOR IT
DECISION SUPPORT SYSTEMS
STEERING COMMITTEES
STRATEGIC FOCUS
AUDITING STRATEGIC PLANNING
DESIGN THE AUDIT PROCEDURES
NOTE
Chapter 13: Management Issues
PRIVACY
COPYRIGHTS, TRADEMARKS, AND PATENTS
ETHICAL ISSUES
CORPORATE CODES OF CONDUCT
IT GOVERNANCE
SARBANES-OXLEY ACT
PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS
HOUSEKEEPING
NOTES
Chapter 14: Support Tools and Frameworks
GENERAL FRAMEWORKS
COSO: INTERNAL CONTROL STANDARDS
OTHER STANDARDS
GOVERNANCE FRAMEWORKS
NOTE
Chapter 15: Governance Techniques
CHANGE CONTROL
PROBLEM MANAGEMENT
AUDITING CHANGE CONTROL
OPERATIONAL REVIEWS
PERFORMANCE MEASUREMENT
ISO 9000 REVIEWS
Part III: Systems and Infrastructure Lifecycle Management
Chapter 16: Information Systems Planning
STAKEHOLDERS
OPERATIONS
SYSTEMS DEVELOPMENT
TECHNICAL SUPPORT
OTHER SYSTEM USERS
SEGREGATION OF DUTIES
PERSONNEL PRACTICES
OBJECT-ORIENTED SYSTEMS ANALYSIS
ENTERPRISE RESOURCE PLANNING
CLOUD COMPUTING
NOTES
Chapter 17: Information Management and Usage
WHAT ARE ADVANCED SYSTEMS?
SERVICE DELIVERY AND MANAGEMENT
COMPUTER-ASSISTED AUDIT TOOLS AND TECHNIQUES
NOTES
Chapter 18: Development, Acquisition, and Maintenance of Information Systems
PROGRAMMING COMPUTERS
PROGRAM CONVERSIONS
SYSTEMS DEVELOPMENT EXPOSURES
SYSTEMS DEVELOPMENT CONTROLS
SYSTEMS DEVELOPMENT LIFECYCLE CONTROL: CONTROL OBJECTIVES
MICRO-BASED SYSTEMS
CLOUD COMPUTING APPLICATIONS
NOTE
Chapter 19: Impact of Information Technology on the Business Processes and Solutions
IMPACT
CONTINUOUS MONITORING
BUSINESS PROCESS OUTSOURCING
E-BUSINESS
NOTES
Chapter 20: Software Development
DEVELOPING A SYSTEM
CHANGE CONTROL
WHY DO SYSTEMS FAIL?
AUDITOR’S ROLE IN SOFTWARE DEVELOPMENT
Chapter 21: Audit and Control of Purchased Packages and Services
IT VENDORS
REQUEST FOR INFORMATION
REQUIREMENTS DEFINITION
REQUEST FOR PROPOSAL
INSTALLATION
SYSTEMS MAINTENANCE
SYSTEMS MAINTENANCE REVIEW
OUTSOURCING
SAS 70 REPORTS
Chapter 22: Audit Role in Feasibility Studies and Conversions
FEASIBILITY SUCCESS FACTORS
CONVERSION SUCCESS FACTORS
Chapter 23: Audit and Development of Application Controls
WHAT ARE SYSTEMS?
CLASSIFYING SYSTEMS
CONTROLLING SYSTEMS
CONTROL STAGES
CONTROL OBJECTIVES OF BUSINESS SYSTEMS
GENERAL CONTROL OBJECTIVES
CAATS AND THEIR ROLE IN BUSINESS SYSTEMS AUDITING
COMMON PROBLEMS
AUDIT PROCEDURES
CAAT USE IN NON-COMPUTERIZED AREAS
DESIGNING AN APPROPRIATE AUDIT PROGRAM
Part IV: Information Technology Service Delivery and Support
Chapter 24: Technical Infrastructure
AUDITING THE TECHNICAL INFRASTRUCTURE
INFRASTRUCTURE CHANGES
COMPUTER OPERATIONS CONTROLS
OPERATIONS EXPOSURES
OPERATIONS CONTROLS
PERSONNEL CONTROLS
SUPERVISORY CONTROLS
INFORMATION SECURITY
OPERATIONS AUDITS
NOTES
Chapter 25: Service-Center Management
PRIVATE SECTOR PREPAREDNESS (PS PREP)
CONTINUITY MANAGEMENT AND DISASTER RECOVERY
MANAGING SERVICE-CENTER CHANGE
NOTES
Part V: Protection of Information Assets
Chapter 26: Information Assets Security Management
WHAT IS INFORMATION SYSTEMS SECURITY?
CONTROL TECHNIQUES
WORKSTATION SECURITY
PHYSICAL SECURITY
LOGICAL SECURITY
USER AUTHENTICATION
COMMUNICATIONS SECURITY
ENCRYPTION
HOW ENCRYPTION WORKS
ENCRYPTION WEAKNESSES
POTENTIAL ENCRYPTION
DATA INTEGRITY
DOUBLE PUBLIC KEY ENCRYPTION
STEGANOGRAPHY
INFORMATION SECURITY POLICY
NOTES
Chapter 27: Logical Information Technology Security
COMPUTER OPERATING SYSTEMS
TAILORING THE OPERATING SYSTEM
AUDITING THE OPERATING SYSTEM
SECURITY
CRITERIA
SECURITY SYSTEMS: RESOURCE ACCESS CONTROL FACILITY
AUDITING RACF
ACCESS CONTROL FACILITY 2
TOP SECRET
USER AUTHENTICATION
BYPASS MECHANISMS
SECURITY TESTING METHODOLOGIES
NOTES
Chapter 28: Applied Information Technology Security
COMMUNICATIONS AND NETWORK SECURITY
NETWORK PROTECTION
HARDENING THE OPERATING ENVIRONMENT
CLIENT SERVER AND OTHER ENVIRONMENTS
FIREWALLS AND OTHER PROTECTION RESOURCES
INTRUSION-DETECTION SYSTEMS
NOTE
Chapter 29: Physical and Environmental Security
CONTROL MECHANISMS
IMPLEMENTING THE CONTROLS
Part VI: Business Continuity and Disaster Recovery
Chapter 30: Protection of the Information Technology Architecture and Assets: Disaster-Recovery Planning
RISK REASSESSMENT
DISASTER—BEFORE AND AFTER
CONSEQUENCES OF DISRUPTION
WHERE TO START
TESTING THE PLAN
AUDITING THE PLAN
Chapter 31: Displacement Control
INSURANCE
SELF-INSURANCE
Part VII: Advanced IT Auditing
Chapter 32: Auditing E-commerce Systems
E-COMMERCE AND ELECTRONIC DATA INTERCHANGE: WHAT IS IT?
OPPORTUNITIES AND THREATS
RISK FACTORS
THREAT LIST
SECURITY TECHNOLOGY
“LAYER” CONCEPT
AUTHENTICATION
ENCRYPTION
TRADING PARTNER AGREEMENTS
RISKS AND CONTROLS WITHIN EDI AND E-COMMERCE
E-COMMERCE AND AUDITABILITY
COMPLIANCE AUDITING
E-COMMERCE AUDIT APPROACH
AUDIT TOOLS AND TECHNIQUES
AUDITING SECURITY CONTROL STRUCTURES
COMPUTER-ASSISTED AUDIT TECHNIQUES
NOTES
Chapter 33: Auditing UNIX/Linux
HISTORY
SECURITY AND CONTROL IN A UNIX/LINUX SYSTEM
ARCHITECTURE
UNIX SECURITY
SERVICES
DAEMONS
AUDITING UNIX
SCRUTINY OF LOGS
AUDIT TOOLS IN THE PUBLIC DOMAIN
UNIX PASSWORD FILE
AUDITING UNIX PASSWORDS
Chapter 34: Auditing Windows VISTA and Windows 7
HISTORY
NT AND ITS DERIVATIVES
AUDITING WINDOWS VISTA/WINDOWS 7
PASSWORD PROTECTION
VISTA/WINDOWS 7
SECURITY CHECKLIST
Chapter 35: Foiling the System Hackers
Chapter 36: Preventing and Investigating Information Technology Fraud
PREVENTING FRAUD
INVESTIGATION
IDENTITY THEFT
NOTE
Appendix A: Ethics and Standards for the IS Auditor
ISACA CODE OF PROFESSIONAL ETHICS
RELATIONSHIP OF STANDARDS TO GUIDELINES AND PROCEDURES
Appendix B: Audit Program for Application Systems Auditing
Appendix C: Logical Access-Control Audit Program
Appendix D: Audit Program for Auditing UNIX/Linux Environments
Appendix E: Audit Program for Auditing Windows VISTA and Windows 7 Environments
About the Author
About the Website
Index