IT Auditing

Using Controls to Protect Information Assets

Chris J. Davis, Mike Schiller, Kevin Wheeler

450 pages, parution le 29/12/2006

Ajouter à une liste

Indisponible

Résumé

Protect Your Systems with Proven IT Auditing Strategies

"A must-have for auditors and IT professionals." Doug Dexter, CISSP-ISSMP, CISA, Audit Team Lead, Cisco Systems, Inc.

Plan for and manage an effective IT audit program using the in-depth information contained in this comprehensive resource. Written by experienced IT audit and security professionals, IT Auditing: Using Controls to Protect Information Assets covers the latest auditing tools alongside real-world examples, ready-to-use checklists, and valuable templates. Inside, you'll learn how to analyze Windows, UNIX, and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus, you'll get up-to-date information on legal standards and practices, privacy and ethical issues, and the CobiT standard.

Build and maintain an IT audit function with maximum effectiveness and value

Implement best practice IT audit processes and controls
Analyze UNIX-, Linux-, and Windows-based operating systems
Audit network routers, switches, firewalls, WLANs, and mobile devices
Evaluate entity-level controls, data centers, and disaster recovery plans
Examine Web servers, platforms, and applications for vulnerabilities
Review databases for critical controls
Use the COSO, CobiT, ITIL, ISO, and NSA INFOSEC methodologies
Implement sound risk analysis and risk management practices
Drill down into applications to find potential control weaknesses

L'auteur - Chris J. Davis

Chris Davis, CISSP, of Texas Instruments, leverages practical experience from a global corporate environment. Mr. Davis has managed worldwide teams in security architecture, design, and product management. Mr. Davis has trained and presented at Blazck Hat, ISSA, CISA, ConSecWest, McCombs School of Business, 3GSM World Congress, and others in areas including advanced computer forensic analysis of various platforms and devices, information security, and hardware security design. His contributions include projects for Gartner, Harvard, SANS, CIS, and the McCombs School of Business. He has enjoyed positions at eForensics, Cisco Systems, Austin Microsoft Technology Center, and currently Texas Instruments. Mr. Davis was a US Navy Submariner on the USS Nebraska and Submarine NR-1. He holds a bachelor's degree in Nuclear Engineering from Thomas Edison, and a master's in Business from the University of Texas at Austin.

L'auteur - Mike Schiller

Mike Schiller, CISA, has 14 years of experience in the IT audit field, most recently as the worldwide IT Audit Manager at Texas Instruments.

L'auteur - Kevin Wheeler

Kevin Wheeler, CISA, CISSP, NSA IAM/IEM, is the founder and CEO of InfoDefense and has over ten years of IT security experience.

Sommaire

Audit Overview
- Building an Effective Internal IT Audit Function
- The Audit Process
Auditing Techniques
- Auditing Entity-Level Controls
- Auditing Data Centers and Disaster Recovery
- Auditing Switches, Routers, and Firewalls
- Auditing Windows Operating Systems
- Auditing Unix and Linux Operating Systems
- Auditing Web Servers
- Auditing Databases
- Auditing Applications
- Auditing WLAN and Mobile Devices
- Auditing Company Projects
Frameworks, Standards, and Regulations
- Frameworks and Standards
- Regulations
- Risk Management

Voir tout

Replier

Caractéristiques techniques

	PAPIER
Éditeur(s)	Mc Graw-Hill - Osborne
Auteur(s)	Chris J. Davis, Mike Schiller, Kevin Wheeler
Parution	29/12/2006
Nb. de pages	450
Format	19 x 23
Couverture	Broché
Poids	695g
Intérieur	Noir et Blanc
EAN13	9780072263435
ISBN13	978-0-07-226343-5