Solution Manual for Information Technology Auditing 3rd Edition by Hall

Instant download Solution Manual for Information Technology Auditing 3rd Edition by Hall pdf docx epub after payment.

Product details:

• ISBN-10 ‏ : ‎ 1439079110
• ISBN-13 ‏ : ‎ 978-1439079119
• Author: James A. Hall

IT AUDITING is an innovative and cutting edge text, which provides students with a solid background in traditional auditing as well as in the auditing of accounting information systems. This new edition includes updated and expanded coverage of enterprise systems and fraud and fraud detection topics such as continuous online auditing. After reading Hall’s IT Auditing, students will gain a true understanding of how these audits take place in the real world.

Table of contents:

Chapter 1 Building an Effective Internal IT Audit Function

Why Are We Here? (The Internal Audit Department’s Mission)

Independence: The Great Myth

Adding Value Outside of Formal Audits

Business Advisory Audits

Four Methods for Business Advisory Audits

Early Involvement

Informal Audits

Knowledge Sharing

Self-Assessments

Continuous Auditing

Final Thoughts on Adding Value Outside of Formal Audits

Relationship Building: Partnering vs. Policing

Learning to Build Partnerships

The Role of the IT Audit Team

Application Auditors (or Integrated Auditors)

Data Extraction and Analysis Specialists

IT Auditors

Forming and Maintaining an Effective IT Audit Team

Career IT Auditors

IT Professionals

Career IT Auditors vs. IT Professionals: Final Thoughts

Co-sourcing

Maintaining Expertise

Sources of Learning

Relationship with External Auditors and Internal Assurance Functions

Summary

Chapter 2 The Audit Process

Internal Controls

Types of Internal Controls

Internal Control Examples

Determining What to Audit

Creating the Audit Universe

Ranking the Audit Universe

Determining What to Audit: Final Thoughts

The Stages of an Audit

Planning

Fieldwork and Documentation

Issue Discovery and Validation

Solution Development

Report Drafting and Issuance

Issue Tracking

Standards

Summary

Part II Auditing Techniques

Chapter 3 Auditing Entity-Level Controls

Background

Test Steps for Auditing Entity-Level Controls

Knowledge Base

Master Checklist

Chapter 4 Auditing Cybersecurity Programs

Background

Steps for Auditing Cybersecurity Programs

Knowledge Base

Master Checklist

Chapter 5 Auditing Data Centers and Disaster Recovery

Background

Data Center Auditing Essentials

Physical Security and Environmental Controls

System and Site Resiliency

Data Center Operations

Disaster Preparedness

Test Steps for Auditing Data Centers

Neighborhood and External Risk Factors

Physical Access Controls

Environmental Controls

Power and Electricity

Fire Suppression

Data Center Operations

System Resiliency

Data Backup and Restoration

Disaster Recovery Planning

Knowledge Base

Master Checklists

Chapter 6 Auditing Networking Devices

Background

Network Auditing Essentials

Protocols

OSI Model

Routers and Switches

LANs, VLANs, WANs, and WLANs

Firewalls

Auditing Switches, Routers, and Firewalls

General Network Equipment Audit Steps

Additional Switch Controls: Layer 2

Additional Router Controls: Layer 3

Additional Firewall Controls

Additional Controls for Wireless Network Gear

Tools and Technology

Knowledge Base

Master Checklists

Chapter 7 Auditing Windows Servers

Background

Windows Auditing Essentials

Command-Line Tips

Essential Command-Line Tools

Common Commands

Server Administration Tools

Performing the Audit

Test Steps for Auditing Windows

Initial Steps

Account Management

Permissions Management

Network Security and Controls

Security Monitoring and Other General Controls

Tools and Technology

Knowledge Base

Master Checklist

Chapter 8 Auditing Unix and Linux Operating Systems

Background

Unix and Linux Auditing Essentials

Key Concepts

File System Layout and Navigation

File System Permissions

Users and Authentication

Network Services

Test Steps for Auditing Unix and Linux

Account Management

Permissions Management

Network Security and Controls

Security Monitoring and Other General Controls

Tools and Technology

Network Vulnerability Scanners

NMAP

Malware Detection Tools

Tools for Validating Password Strength

Host-Based Vulnerability Scanners

Shell/Awk/etc

Knowledge Base

Master Checklists

Chapter 9 Auditing Web Servers and Web Applications

Background

Web Auditing Essentials

One Audit with Multiple Components

Part 1: Test Steps for Auditing the Host Operating System

Part 2: Test Steps for Auditing Web Servers

Part 3: Test Steps for Auditing Web Applications

Additional Steps for Auditing Web Applications

Tools and Technology

Knowledge Base

Master Checklists

Chapter 10 Auditing Databases

Background

Database Auditing Essentials

Common Database Vendors

Database Components

NoSQL Database Systems

Test Steps for Auditing Databases

Initial Steps

Operating System Security

Account Management

Permissions Management

Data Encryption

Security Log Monitoring and Management

Tools and Technology

Auditing Tools

Monitoring Tools

Encryption Tools

Knowledge Base

Master Checklist

Chapter 11 Auditing Big Data and Data Repositories

Background

Big Data and Data Repository Auditing Essentials

Test Steps for Auditing Big Data and Data Repositories

Knowledge Base

Master Checklist

Chapter 12 Auditing Storage

Background

Storage Auditing Essentials

Key Storage Components

Key Storage Concepts

Test Steps for Auditing Storage

Initial Steps

Account Management

Storage Management

Encryption and Permissions Management

Security Monitoring and Other General Controls

Knowledge Base

Master Checklists

Chapter 13 Auditing Virtualized Environments

Background

Commercial and Open-Source Projects

Virtualization Auditing Essentials

Test Steps for Auditing Virtualization

Initial Steps

Account Management and Resource Provisioning/Deprovisioning

Virtual Environment Management

Security Monitoring and Additional Security Controls

Knowledge Base

Hypervisors

Tools

Master Checklists

Chapter 14 Auditing End-User Computing Devices

Background

Part 1: Auditing Windows and Mac Client Systems

Windows and Mac Auditing Essentials

Test Steps for Auditing Windows and Mac Client Systems

Tools and Technology

Knowledge Base

Part 2: Auditing Mobile Devices

Mobile Device Auditing Essentials

Test Steps for Auditing Mobile Devices

Additional Considerations

Tools and Technology

Knowledge Base

Master Checklists

Chapter 15 Auditing Applications

Background

Application Auditing Essentials

Test Steps for Auditing Applications

Input Controls

Interface Controls

Audit Trails and Security Monitoring

Account Management

Permissions Management

Software Change Controls

Backup and Recovery

Data Retention and Classification and User Involvement

Operating System, Database, and Other Infrastructure Controls

Master Checklists

Chapter 16 Auditing Cloud Computing and Outsourced Operations

Background

Cloud Computing and Outsourced Operations Auditing Essentials

IT Systems, Software, and Infrastructure Outsourcing

IT Service Outsourcing

Other Considerations for IT Service Outsourcing

Third-Party Reports and Certifications

Test Steps for Auditing Cloud Computing and Outsourced Operations

Initial Steps

Vendor Selection and Contracts

Account Management and Data Security

Operations and Governance

Legal Concerns and Regulatory Compliance

Tools and Technology

Knowledge Base

Master Checklist

Chapter 17 Auditing Company Projects

Background

Project Auditing Essentials

High-Level Goals of a Project Audit

Basic Approaches to Project Auditing

Waterfall and Agile Software Development Methodologies

Seven Major Parts of a Project Audit

Test Steps for Auditing Company Projects

Overall Project Management

Project Startup, Requirements Gathering, and Initial Design

Detailed Design and System Development

Testing

Implementation

Training

Project Wrap-Up

Knowledge Base

Master Checklists

Chapter 18 Auditing New/Other Technologies

Background

New/Other Technology Auditing Essentials

Generalized Frameworks

Best Practices

Test Steps for Auditing New and Other Technologies

Initial Steps

Account Management

Permissions Management

Network Security and Controls

Security Monitoring and Other General Controls

Master Checklists

Part III Frameworks, Standards, Regulations, and Risk Management

Chapter 19 Frameworks and Standards

Introduction to Internal IT Controls, Frameworks, and Standards

COSO

COSO Definition of Internal Control

Key Concepts of Internal Control

Internal Control–Integrated Framework

Enterprise Risk Management–Integrated Framework

Relationship Between Internal Control and Enterprise Risk Management Publications

IT Governance

People also search:

Information Technology Auditing 3rd Edition

Information Technology Auditing 3rd Edition pdf

Information Technology Auditing

what is information technology auditor

impact of information technology on auditing

information technology audit definition