S'ware Metrics Home

Book Store PMP Books PDAs
S'ware Metrics Six Sigma LCD Monitors
Requirements Management PMBOK Books
Team Building Use Case DVD Players

Information Technology Control and Audit, Second Edition
Information Technology Control and Audit, Second Edition

Information Technology Control and Audit, Second Edition

List Price: $89.95
Our Price: $71.96
Availability: Usually ships in 24 hours


Manufacturer: Auerbach Publications
Author: Frederick Gallegos
Binding: Hardcover
Publication Date: 2004-03-26
Publisher: Auerbach Publications
Label: Auerbach Publications
Number Of Pages: 720
Features:
Editorial Review:
Information Technology Control and Audit, Second Edition is an excellent introductory textbook for IT auditing. It covers a wide range of topics in the field including the audit process, the legal environment of IT auditing, security and privacy, and much more. This textbook first examines the foundation of IT audit and control, discussing what IT auditing involves and the guidance provided by organizations in dealing with control and auditability issues. It then analyzes the process of audit and review, explores IT governance and control, and discusses the CobiT framework and steps that align IT decisions with business strategy. This volume examines project management processes that ensure that projects are controlled from inception through integration. It continues by addressing auditing IT acquisition and implementation, describing risks and controls as related to the life cycle of application systems. It highlights the purchase and installation of new systems, as well as change management. The next section examines the auditing of IT operations in both standalone and global environments, covering types of IT operation, issues related to specific platforms, risk and control assessment, and audit methods and support tools. The textbook concludes with a review of emerging issues, providing undergraduate and graduate students with a thorough overview of a topic critical to organizational security and integrity.
Cached date: AWS Called=true
You may also be interested in these products:
CISA Certified Information Systems Auditor Study Guide
CISA Certified Information Systems Auditor Study Guide		 IT Auditing: Using Controls to Protect Information Assets
IT Auditing: Using Controls to Protect Information Assets		 Core Concepts of Information Technology Auditing
Core Concepts of Information Technology Auditing		 CISA Exam Cram: Certified Information Systems Auditor (Exam Cram 2)
CISA Exam Cram: Certified Information Systems Auditor (Exam Cram 2)		 Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools
Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools

These categories may also be of interest to you:

Customer Reviews
Average Customer Rating: 5.0

Not good for the CISA exam 2007-10-02
I bought this book as an additional material to study for the CISA exam. However it didn't help me with the exam at all. Furthermore, in an attempt to cover many things, it did not cover anything in detail. This book is just an endless recollection of bullet points. On top of that, it misses very sensitive topics like disaster recovery planning.



Useful reference material 2007-02-01
This book has some material relevant to the CISA examination based on the 2003 content areas, although it is not organized or focused as a CISA examination guide. If you are looking for CISA review material for the test, I would strongly suggest to stick with ISACA's combination of review manual and questions CD. I also searched everywhere for study aids for this grueling test and ended up using ISACA's expensive material, but it proved to be the best choice as I passed the Dec 2006 test.

However, as owner of a copy of this book, I assure you that this is an excellent reference of IT management, planning, implementation, risk assessment and control procedures for anyone in the IT business. Most of the material is still relevant as of 2007.



Finally a usable explanation of controls! 2006-12-30
Audit is not the most exciting topic in the world, but this no fluff book really sets the standard. The care the authors took is obvious from the start, the table of contents is one of the most detailed I have ever seen, it allows the book to be used as a reference.

My favorite chapter was Quality Management, best job of making quality approachable I have seen to date. My least favorite was Project Management, it seemed to lack the application and lean to theory a bit.

I am not an auditor, but as an auditee, this book really helped me understand how they think. Recommended!


Too thin 2006-03-24
This is a huge book but spends no more then 1 page on any topic. In my opinion the authors only have financial audit experience and little understanding of IT controls. This book shows the failure of the 'integrated auditor' as the authors are tyring to be IT auditors with little IT experience. They touch on some very good points in a few instances and, in general, the book is decent. The authors do not know much outside of the CISA, IIA and financial based certifications as they seem to think that the ISSA (Information Systems Security Assoc.) is sponsored by ISC2/CISSP's (it is not). Overall, I have not been impressed with this book.


Great resource 2005-12-13
Not having much experience in the IT audit field, this book was a great resource and was easy to understand.