To all Audit Standards topic members,The Audit Standards topic is undergoing some changes. At the suggestion of ISACA’s Communities Committee and with approval by the community topic leaders, we will merge Audit Standards with Audit Guidelines. This merge...
Tammie111 | 11/28/2012 11:15:42 PM | COMMENTS(2)
|
Happy New Year All!
You may have read the following:
ISACA is pleased to announce the launch of email-enabled discussions! Once you enable this feature, you will be able to participate in Knowledge Center topic discussions by responding to the discus...
MeeraV | 1/2/2012 12:40:47 PM | COMMENTS(0)
|
I was wondering if anyone has ever heard of a service provider charging their customer a fee for a copy of their SAS70 Type II report (Service Auditor Reprot).
We contacted our service provider to obtain a copy of their SAS70 Type II report for our audit...
julzhef | 7/20/2011 11:30:51 AM | COMMENTS(0)
|
I am part of the ISACA's professional standards committee. Our bi-annual meeting is coming up in October.
Wanted to check if anyone has read the ITAF framework posted by ISACA to this topic and have suggestions for the new IT audit standards? I can t...
MeeraV | 9/29/2010 7:29:56 PM | COMMENTS(0)
|
Downloads
Posted by ISACA 733 days ago
|
Books
Posted by ISACA 15 days ago
|
Books
Posted by ISACA 15 days ago
|
Books
Posted by ISACA 15 days ago
|
Downloads
Posted by ISACA 15 days ago
|
Exam Preparation
Posted by ISACA 15 days ago
|
Volume 5, 2010
by Tommie W. Singleton, Ph.D., CISA, CGEIT, CITP, CMA, CPA
To mitigate the risks associated with access control, it is necessary to identify the risks associated with access controls and to assess the level of those risks.
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
Since the publication of “IT Auditing: An Adaptive Process”, audit standards and guidelines have been added or revised to establish a new baseline for performing assurance services. These pronouncements have made parts of my original edition incomplete. Thus, "IT Auditing: An Adaptive System" has additional detail information necessary to bridge this knowledge gap by updating all of the following chapters: Chapter 1 Planning, Chapter 2 Study and Evaluation of Controls, Chapter 3 Testing and Evaluating, and Chapter 4 Reporting. Historically, ISACA’s audit standards and guidelines did not include statements addressing assurance follow-up mandatory requirements and practice recommendations. Therefore, in response to these changes, another chapter was written to accommodate the addition of ISACA’s standard and guideline regarding the follow-up process. This new chapter is consistent with generally accepted follow-up procedures as well as ISACA’s standards and guidelines.
|
Since the publication of “IT Auditing: An Adaptive Process”, audit standards and guidelines have been added or revised to establish a new baseline for performing assurance services. These pronouncements have made parts of my original edition incomplete. Thus, "IT Auditing: An Adaptive System" has additional detail information necessary to bridge this knowledge gap by updating all of the following chapters:
Chapter 1 Planning
Chapter 2 Study and Evaluation of Controls
Chapter 3 Testing and Evaluating
Chapter 4 Reporting
Historically, ISACA’s audit standards and guidelines did not include statements addressing assurance follow-up mandatory requirements and practice recommendations. Therefore, in response these changes, another chapter was written to accommodate the addition of ISACA’s standard and guideline regarding the follow-up process. This new chapter is consistent with generally accepted follow-up procedures as well as ISACA’s standards and guidelines.
|
IT security and risk professionals have historically had a hard time articulating how IT threats might negatively impact the business. That needs to change. Attacks on government sites, substantial fraud, and massive privacy breaches continue to expose to the world the high level of risk connected to our corporate and national IT infrastructure. Executives and managers will need to rely more on IT security data and analysis in order to better protect their corporate interests.
Contributed by ISACA on 30 Jun 2010
|
Due to the stunning increase in the amount of regulatory and industry requirements over the past decade, a methodology commonly referred to as governance, risk and compliance (GRC) emerged.
Contributed by ISACA on 30 Jun 2010
|
Provides a proven approach to assessing IT security frameworks, architectures, methods, and techniques. This publication converts selected audit standards and guidelines into practical applications using detailed examples and vivid graphics - including definitions of over 140 acronyms helpful in auditing and reviewing.
Contributed by ISACA on 29 May 2010
|
Compliance is a fact of business life that challenges organizations of all sizes. Just ticking off boxes on audits is not enough to keep you secure. You must account for compliance in your physical and virtualized environments. Read this paper to learn about an operational security solution that delivers compliance as an ongoing feature.
Contributed by ISACA on 29 May 2010
|
|
Grupos de Estudio para Acreditaciones de JUNIO, SEPTIEMBRE Y DICIEMBRE 2013.
Para los que esten interesados en la presentación del exámen de certificación CISA y CISM o para cualquiera que desee comenzar a prepararse para estas o las próximas pruebas, pu...
Posted By : Alexander Osorio | 0 comments
| |
|
|