Features

• Reviews pertinent legislation including HIPAA, Sarbanes-Oxley, and the Homeland Security Act
• Discusses governance, strategy and standards, and risk management
• Reviews IT project management, sourcing, and application controls and management
• Examines service management and continuity, as well as systems and operations management
• Explores advanced topics such as virtual environment, virtual security, e-commerce, and enterprise resource planning
• Includes illustrations, graphs, and charts to illuminate the material

Instructor’s manual available with qualifying course adoption

Summary

The headline-grabbing financial scandals of recent years have led to a great urgency regarding organizational governance and security. Information technology is the engine that runs modern organizations, and as such, it must be well-managed and controlled. Organizations and individuals are dependent on network environment technologies, increasing the importance of security and privacy. The field has answered this sense of urgency with advances that have improved the ability to both control the technology and audit the information that is the lifeblood of modern business.

Reflects the Latest Technological Advances

Updated and revised, this third edition of Information Technology Control and Audit continues to present a comprehensive overview for IT professionals and auditors. Aligned to the CobiT control objectives, it provides a fundamental understanding of IT governance, controls, auditing applications, systems development, and operations.

Demonstrating why controls and audits are critical, and defining advances in technology designed to support them, this volume meets the increasing need for audit and control professionals to understand information technology and the controls required to manage this key resource.

 A Powerful Primer for the CISA and CGEIT Exams

Supporting and analyzing the CobiT model, this text prepares IT professionals for the CISA and CGEIT exams. With summary sections, exercises, review questions, and references for further readings, it promotes the mastery of the concepts and practical implementation of controls needed to effectively manage information technology resources.

New in the Third Edition:

• Reorganized and expanded to align to the CobiT objectives
• Supports study for both the CISA and CGEIT exams
• Includes chapters on IT financial and sourcing management
• Adds a section on Delivery and Support control objectives
• Includes additional content on audit and control of outsourcing, change management, risk management, and compliance