Information Technology Control and Audit, 4/e (Hardcover)

Sandra Senft, Frederick Gallegos, Aleksandra Davis

買這商品的人也買了...

商品描述

The new edition of a bestseller, Information Technology Control and Audit, Fourth Edition provides a comprehensive and up-to-date overview of IT governance, controls, auditing applications, systems development, and operations. Aligned to and supporting the Control Objectives for Information and Related Technology (COBIT), it examines emerging trends and defines recent advances in technology that impact IT controls and audits—including cloud computing, web-based applications, and server virtualization.

Filled with exercises, review questions, section summaries, and references for further reading, this updated and revised edition promotes the mastery of the concepts and practical implementation of controls needed to manage information technology resources effectively well into the future. Illustrating the complete IT audit process, the text:

  • Considers the legal environment and its impact on the IT field—including IT crime issues and protection against fraud
  • Explains how to determine risk management objectives
  • Covers IT project management and describes the auditor’s role in the process
  • Examines advanced topics such as virtual infrastructure security, enterprise resource planning, web application risks and controls, and cloud and mobile computing security
  • Includes review questions, multiple-choice questions with answers, exercises, and resources for further reading in each chapter

This resource-rich text includes appendices with IT audit cases, professional standards, sample audit programs, bibliography of selected publications for IT auditors, and a glossary. It also considers IT auditor career development and planning and explains how to establish a career development plan. Mapping the requirements for information systems auditor certification, this text is an ideal resource for those preparing for the Certified Information Systems Auditor (CISA) and Certified in the Governance of Enterprise IT (CGEIT) exams.

Instructor's guide and PowerPoint® slides available upon qualified course adoption.

商品描述(中文翻譯)

《資訊科技控制與審計,第四版》是一本暢銷書的新版,提供了對IT治理、控制、審計應用、系統開發和運營的全面且最新的概述。該書與《信息與相關技術的控制目標》(COBIT)相一致並支持其,探討了影響IT控制和審計的新興趨勢和最近的技術進展,包括雲計算、基於網絡的應用和服務器虛擬化。

該書充滿了練習題、復習問題、章節摘要和進一步閱讀的參考資料,這本更新和修訂的版本促進了對概念的掌握和有效管理信息技術資源所需的控制的實際實施,並持續有效地進行。通過展示完整的IT審計過程,本書:

- 考慮法律環境及其對IT領域的影響,包括IT犯罪問題和防範欺詐
- 解釋如何確定風險管理目標
- 講解IT項目管理並描述審計師在該過程中的角色
- 檢視高級主題,如虛擬基礎設施安全、企業資源規劃、網絡應用風險和控制,以及雲計算和移動計算安全
- 每章包含復習問題、帶答案的多選題、練習題和進一步閱讀資源

這本資源豐富的書籍還包括IT審計案例、專業標準、樣本審計計劃、IT審計師選定出版物的參考書目和詞彙表的附錄。它還考慮了IT審計師的職業發展和規劃,並解釋了如何建立職業發展計劃。該書還對信息系統審計師認證的要求進行了映射,是準備參加《註冊信息系統審計師》(CISA)和《企業IT治理註冊》(CGEIT)考試的理想資源。

合格的課程採用者還可以獲得教師指南和PowerPoint®幻燈片。