The new fifth edition of Information Technology Control and Audit has been significantly revised to include a comprehensive overview of the IT environment, including revolutionizing technologies, legislation, audit process, governance, strategy, and outsourcing, among others. This new edition also outlines common IT audit risks, procedures, and involvement associated with major IT audit areas. It further provides cases featuring practical IT audit scenarios, as well as sample documentation to design and perform actual IT audit work. Filled with up-to-date audit concepts, tools, techniques, and references for further reading, this revised edition promotes the mastery of concepts, as well as the effective implementation and assessment of IT controls by organizations and auditors.
For instructors and lecturers there are an instructor’s manual, sample syllabi and course schedules, PowerPoint lecture slides, and test questions. For students there are flashcards to test their knowledge of key terms and recommended further readings. Go to http://routledgetextbooks.com/textbooks/9781498752282/ for more information.
Part 1. Foundation for IT Audit: 1. Information Technology Environment and IT Audit. 2. Legislation Relevant to Information Technology. 3. The IT Audit Process. 4. Tools and Techniques Used in Auditing IT. Part 2; Planning and Organization: 5. IT Governance and Strategy. 6. Risk Management. 7. Project Management. 8. System Development Life Cycle. Part 3. Auditing Environment: 9. Application Systems: Risks and Controls. 10. Change Control Management. 11. Information Systems Operations. 12. Information Security. 13. Systems Acquisition, Service Management, and Outsourcing. Part 4. Appendixes: 1. IT Planning Memo. 2. Understanding the IT Environment. 3. Sample IT Audit Programs for General Control IT Areas. 4. ACL Best Practice Procedures for Testing Accounting Journal Entries. 5. IT Risk Assessment Example Using NIST SP 800-30. 6. Sample Change Control Management Policy. 7. Sample Information Systems Operations Policy. 8. Auditing End-User Computing Groups. 9. Recommended Control Areas for Auditing Software Acquisitions. 10. Glossary.