Auditing Information Systems

For the Nontechnical Auditor, the First Complete Guide to Assessing the Control and Security of Virtually Any Computer Information System Auditing Information Systems is a first-of-a-kind handbook to auditing in an information systems environment, allowing the nontechnical auditor to quickly and thoroughly assess the effectiveness of a company's controls in physical and logical security as well as other general controls. The book also includes a detailed look at leading-edge control self-assessment processes, including one of the first applications in an information systems environment. Providing a total look at the newest issues in information systems and auditing, the book also examines: * Computer forensics * Encryption * Year 2000 * Viruses * Software piracy * Computer-assisted audit techniques * Internet security * Service organizations * Systems development * Humanistic aspects of auditing. An ideal reference for the auditor navigating the complex world of information systems, Auditing Information Systems offers complete, detailed guidance in the newest of accounting challenges. With the increased use of client/server networks in industry today, the need for auditors who can perform information system audits is now more important than ever. With the proliferation of different types of computer systems and applications over the past decade, nontechnical auditors as well as managers and board members are being asked to assess the risks and evaluate the controls over these computer systems. Many of these individuals are unfamiliar with techniques they can use to efficiently and effectively perform and evaluate audits of information systems. Auditing Information Systems is a practical, modern guide to assessing the control and security of virtually any type of computer information system. The author also provides a detailed approach to the leading-edge control self-assessment processes, including one of the first applications in an information systems environment. Other topics include: * Computer forensics * Encryption * Year 2000 * Viruses * Software piracy * Computer-assisted audit techniques * Internet security * Service organizations * Systems development * Humanistic aspects of auditing. Auditing Information Systems is the only contemporary auditing book with over 80 real-world case studies. No other work incorporates such a tremendous breadth of information systems auditing concepts and resources. Any auditor who uses this system will obtain the information needed to perform or evaluate a thorough information systems audit.