IT Auditing: An Adaptive Process

Pages: 148
Language: English
Publication date: 20/11/2010
38.25 €
VAT included
Instant download after purchase
Adobe PDF format Adobe PDF format
“IT Auditing: An Adaptive Process” is a self-contained workbook.
The global Information Technology (IT) community considers becoming a Certified Information Systems Auditor (CISA) a major accomplishment. To obtain the CISA designation information systems auditors, controls, or security professionals must pass a rigorous test demonstrating knowledge in a multitude of information systems audit process areas. Information Systems Audit and Control Association (ISACA) standards and guidelines, audit risk, and audit objectives are just a few knowledge requirements CISA candidates must master.


“IT Auditing: An Adaptive Process” provides a proven approach to IT audit planning, study, evaluation, testing, and reporting methods. Systemically, this book covers major steps in the IT audit process not chronicled in ISACA standards and guidelines. In terms of content, this workbook converts selected audit standards and guidelines into practical applications using detailed examples. This workbook also allows auditors to understand various steps and processes required to adequately initiate, document, and compile IT audit phases. Through this book, an auditor will acquire an appreciation for IT financial statement, government, and external auditing. Collectively, “IT Auditing: An Adaptive Process” can function as a study guide for CISA examination preparation as well as an audit reference manual.

Organization of Workbook

IT audit area mastery reflects professional experience and training. Regarding subject mastery, this book contains a detail preparation, documentation, and presentation process for IT audits; which can be translated, if practiced, into professional experience.

Chronologically, this book describes required audit steps performed during an audit area assignment.

Specifically, in Chapter 1, audit objectives, risk, and materiality from an IT auditor’s perspective are described, while simultaneously presenting other equivalent audit standards and guidelines. Furthermore, auditor opening conference communication is discussed at the chapter’s conclusion.

Chapter 2 continues the IT audit process by expanding discussion on legislative enactments effecting audit area study. This chapter also presents management’s control objective determination as well as studied controls evaluation. At the chapter’s end audit risk and testing reassessment is discussed.

Chapter 3 presents standard auditor testing for IT audit areas based on related control objectives. The types of audit testing are categorized and explained to demonstrate the testing diversity available to the IT auditor. This chapter concludes with a discussion concerning the evaluation of test results and the reassessment of audit area audit risk.

Lastly, Chapter 4 provides the steps required to report on an IT audit. A detailed examination of finding form analysis is discussed as well as draft report preparation. Furthermore, working paper documentation considerations are conveyed to assist in ensuring useful, sufficient, reliable, and relevant evidence. Initial audit report follow-up procedures are explained at the end of this chapter.
Each chapter contains a bibliography of material discussed within that chapter.

Throughout the workbook headings cross reference the bibliography such as 1.1.1 Audit Objectives3, 4, 5, 6 means that this specific section references items 3, 4, 5, and 6 of Chapter 1’s bibliography for supporting subject material.
El vendedor asume toda la responsabilidad de esta entrada.
Robert E. Davis obtained a Bachelor of Business Administration degree in Accounting and Business Law and a Master of Business Administration degree in Management Information Systems from Temple and West Chester University; respectively. In addition, during his twenty years of involvement in education, Robert acquired Postgraduate and Professional Technical licenses in Computer Science and Computer Systems Technology. Robert also obtained the Certified Information Systems Auditor (CISA) certificate -- after passing the 1988 Information Systems Audit and Control Association’s rigorous three hundred and fifty multiple-choice questions examination; and was conferred the Certified Internal Controls Auditor (CICA) certificate by the Institute for Internal Controls.

Since starting his career as an information systems (IS) auditor, Robert has provided data security consulting and IS auditing services to the United States Securities and Exchange Commission, United States Enrichment Corporation, Raytheon Company, United States Interstate Commerce Commission, Dow Jones & Company and Fidelity/First Fidelity (Wells Fargo) corporations as well as other organizations; in staff through management positions.

Prior to engaging in the practice of IS auditing and information security consulting; Robert (as a corporate employee) provided inventory as well as general accounting services to Philip Morris, USA and general accounting services to Philadelphia National Bank (Wells Fargo). Furthermore, he has prior experience as a freelance writer of IT audit and information security training material. Specifically, his published credits include:

•Assuring IT Governance

•Assuring IT Legal Compliance

•Ensuring Information Assets Protection

•IT Auditing: An Adaptive System

•IT Auditing: Assuring Information Assets Protection

•IT Auditing: Business Continuity and Disaster Recovery

•IT Auditing: Information Assets Protection

•IT Auditing: Information Security Governance

•IT Auditing: Irregular and Illegal Acts

•IT Auditing: IT Governance

•IT Auditing: IT Service Delivery and Support

•IT Auditing: Systems and Infrastructure Life Cycle Management

•IT Auditing: The Process

Robert has authored articles addressing IT issues for The Institute of Internal Auditors, IT Governance LTD and ISACA as well as peer reviewed Carnegie Mellon University's technical report "Comparing eSCM-SP v2 and COBIT" and five chapters of Bloomsbury's "Effective Auditing for Corporates".

In regards to training individuals in the information systems audit process, he has provided instruction to the Data Processing Management Association, ISACA-Philadelphia Chapter CISA Review Course participants, 3rd Annual Securasia Congress delegates and an Internet CISA study group.

Based on his accomplishments, Robert has been featured in Temple University's Fox School of Business and Management Alumni Newsletter as well as The Institute for Internal Controls e-newsletter. Furthermore, he is listed as: a Temple University Master of Science in IT Auditing and Cyber-Security Advisory Council member, an IT Governance LTD expert panel member, a leading expert and specialist by The Compliance Authority as well as an International Association of IT Governance Standards honorary member.

If you like this ebook, you might also like:

© 2021 XinXii - GD Publishing Ltd. & Co. KG. Imprint | Terms of Use | Privacy Policy
€ Euro
International sites: German | English | Spanish | French | Italian | Dutch | Portuguese | Russian