The scope and mandate for internal audit continues to evolve each year, as does the complexity of the business environment and speed of the changing risk landscape in which it must operate.
The fundamental goal of this exciting new series is to produce leading-edge books on critical subjects facing audit executives as well as internal and IT audit practitioners.
Key topics that will be addressed over the coming years include Audit Leadership, Cybersecurity, Strategic Risk Management, Auditing Various IT Activities and Processes, Audit Management, and Operational Auditing.
Supply Chain Risk Management: Applying Secure Acquisition Principles to Ensure a Trusted Technology Product
Implementing Cybersecurity: A Guide to the National Institute of Standards and Technology Risk Management Framework
Security and Auditing of Smart Devices: Managing Proliferation of Confidential Data on Corporate and BYOD Devices
Anne Kohnke, Ken Sigler, Dan Shoemaker
November 17, 2017
The book presents the concepts of ICT supply chain risk management from the perspective of NIST IR 800-161. It covers how to create a verifiable audit-based control structure to ensure comprehensive security for acquired products. It explains how to establish systematic control over the supply...
September 26, 2017
This book provides insight as to why and how current security management practices fail at their basic foundation, resulting in overall dissatisfaction by practitioners and lack of success in the corporate environment. The author examines the reasons and how to fix them. The resulting improvement...
June 01, 2017
This book illustrates the importance of business impact analysis, which covers risk assessment, and moves towards better understanding of the business environment, industry specific compliance, legal and regulatory landscape and the need for business continuity. The book provides charts, checklists...
Richard E. Cascarino
March 15, 2017
There are many webinars and training courses on Data Analytics for Internal Auditors, but no handbook written from the practitioner’s viewpoint covering not only the need and the theory, but a practical hands-on approach to conducting Data Analytics. The spread of IT systems makes it necessary that...
Eugene M Fredriksen
March 13, 2017
The book takes readers though a series of security and risk discussions based on real-life experiences. While the experience story may not be technical, it will relate specifically to a value or skill critical to being a successful CISO. The core content is organized into ten major chapters, each...
Anne Kohnke, Ken Sigler, Dan Shoemaker
March 09, 2017
The book provides the complete strategic understanding requisite to allow a person to create and use the RMF process recommendations for risk management. This will be the case both for applications of the RMF in corporate training situations, as well as for any individual who wants to obtain...
January 31, 2017
This book explores a broad cross section of research and actual case studies to draw out new insights that may be used to build a benchmark for IT security professionals. This research takes a deeper dive beneath the surface of the analysis to uncover novel ways to mitigate data security...
December 16, 2016
This book helps auditors understand the reality of performing the internal audit role and the importance of properly managing ethical standards. It provides many examples of ethical conflicts and proposes alternative actions for the internal auditor. Internal auditors are well-schooled on the IIA...
Patrick Onwura Nzechukwu
November 22, 2016
This book addresses the practice of internal auditing using GAAS (Generally Accepted Auditing Standards), GAGAS (Generally Accepted Government Auditing Standards) and International Standards for the Professional Practice of Internal Auditing (Standards) as enunciated by the IIA. Unique in that it...
Sajay Rai, Philip Chukwuma, Richard Cozart
November 10, 2016
Most organizations have been caught off-guard with the proliferation of smart devices. The IT organization was comfortable supporting the Blackberry due to its ease of implementation and maintenance. But the use of Android and iOS smart devices have created a maintenance nightmare not only for the...
October 26, 2016
Internal auditors are expected to perform risk-based audits, but do so partially because they focus on financial and compliance risks at the expense of operational, strategic and technological ones. This limits their ability to evaluate critical risks and processes. This book merges traditional...
September 01, 2016
This is the first book to finally address the umbrella term corporate defense, and to explain how an integrated corporate defense program can help an organization address both value creation and preservation. The book explores the value preservation imperative, which represents an organization’s...