IT Auditing: Using Controls to Protect Information Assets (Paperback)

Chris Davis, Mike Schiller, Kevin Wheeler

  • 出版商: McGraw-Hill Education
  • 出版日期: 2006-12-22
  • 定價: $1,860
  • 售價: 1.6$299
  • 語言: 英文
  • 頁數: 387
  • 裝訂: Paperback
  • ISBN: 0072263431
  • ISBN-13: 9780072263435

立即出貨(限量) (庫存=1)

買這商品的人也買了...

相關主題

商品描述

Description

Protect Your Systems with Proven IT Auditing Strategies

 "A must-have for auditors and IT professionals."  -Doug Dexter, CISSP-ISSMP, CISA, Audit Team Lead, Cisco Systems, Inc.

Plan for and manage an effective IT audit program using the in-depth information contained in this comprehensive resource. Written by experienced IT audit and security professionals, IT Auditing: Using Controls to Protect Information Assets covers the latest auditing tools alongside real-world examples, ready-to-use checklists, and valuable templates. Inside, you'll learn how to analyze Windows, UNIX, and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus, you'll get up-to-date information on legal standards and practices, privacy and ethical issues, and the CobiT standard. 

Build and maintain an IT audit function with maximum effectiveness and value

  • Implement best practice IT audit processes and controls
  • Analyze UNIX-, Linux-, and Windows-based operating systems
  • Audit network routers, switches, firewalls, WLANs, and mobile devices
  • Evaluate entity-level controls, data centers, and disaster recovery plans
  • Examine Web servers, platforms, and applications for vulnerabilities
  • Review databases for critical controls
  • Use the COSO, CobiT, ITIL, ISO, and NSA INFOSEC methodologies
  • Implement sound risk analysis and risk management practices
  • Drill down into applications to find potential control weaknesses

 

Table of Contents

Section I: Audit Overview
Chapter 1. Building an Effective Internal IT Audit Function
Chapter 2. The Audit Process
Section II: Auditing Techniques
Chapter 3. Auditing Entity Level Controls
Chapter 4. Auditing Data Centers and Disaster Recovery
Chapter 5. Auditing Routers, Switches, and Firewalls
Chapter 6. Auditing Windows Operating Systems
Chapter 7. Auditing UNIX, Solaris, and Linux Operating Systems
Chapter 8. Auditing Web Servers, Mail Servers, and Proxies
Chapter 9. Auditing Databases
Chapter 10. Auditing Applications
Chapter 11. Auditing WLAN and Mobile Devices
Chapter 12. Auditing Company Projects
Section III: Standards, Frameworks, and Regulations
Chapter 13. Standards and Frameworks
Chapter 14. Regulations
APPENDIX A. DETAILED RISK ANALYSIS TECHNIQUES
APPENDIX B: AUDITING REMOTE SYSTEMS
GLOSSARY