MeeraV | 141 days ago | 0 comments
|
julzhef | 307 days ago | 0 comments
|
MeeraV | 601 days ago | 0 comments
| |
Downloads
Posted by ISACA 341 days ago
|
Books
Posted by ISACA 512 days ago
|
Books
Posted by ISACA 519 days ago
|
Books
Posted by ISACA 572 days ago
|
Volume 5, 2010
by Tommie W. Singleton, Ph.D., CISA, CGEIT, CITP, CMA, CPA
To mitigate the risks associated with access control, it is necessary to identify the risks associated with access controls and to assess the level of those risks.
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
Since the publication of “IT Auditing: An Adaptive Process”, audit standards and guidelines have been added or revised to establish a new baseline for performing assurance services. These pronouncements have made parts of my original edition incomplete. Thus, "IT Auditing: An Adaptive System" has additional detail information necessary to bridge this knowledge gap by updating all of the following chapters: Chapter 1 Planning, Chapter 2 Study and Evaluation of Controls, Chapter 3 Testing and Evaluating, and Chapter 4 Reporting. Historically, ISACA’s audit standards and guidelines did not include statements addressing assurance follow-up mandatory requirements and practice recommendations. Therefore, in response to these changes, another chapter was written to accommodate the addition of ISACA’s standard and guideline regarding the follow-up process. This new chapter is consistent with generally accepted follow-up procedures as well as ISACA’s standards and guidelines.
|
Since the publication of “IT Auditing: An Adaptive Process”, audit standards and guidelines have been added or revised to establish a new baseline for performing assurance services. These pronouncements have made parts of my original edition incomplete. Thus, "IT Auditing: An Adaptive System" has additional detail information necessary to bridge this knowledge gap by updating all of the following chapters:
Chapter 1 Planning
Chapter 2 Study and Evaluation of Controls
Chapter 3 Testing and Evaluating
Chapter 4 Reporting
Historically, ISACA’s audit standards and guidelines did not include statements addressing assurance follow-up mandatory requirements and practice recommendations. Therefore, in response these changes, another chapter was written to accommodate the addition of ISACA’s standard and guideline regarding the follow-up process. This new chapter is consistent with generally accepted follow-up procedures as well as ISACA’s standards and guidelines.
|
IT security and risk professionals have historically had a hard time articulating how IT threats might negatively impact the business. That needs to change. Attacks on government sites, substantial fraud, and massive privacy breaches continue to expose to the world the high level of risk connected to our corporate and national IT infrastructure. Executives and managers will need to rely more on IT security data and analysis in order to better protect their corporate interests.
Contributed by ISACA on 30 Jun 2010
|
Due to the stunning increase in the amount of regulatory and industry requirements over the past decade, a methodology commonly referred to as governance, risk and compliance (GRC) emerged.
Contributed by ISACA on 30 Jun 2010
|
Provides a proven approach to assessing IT security frameworks, architectures, methods, and techniques. This publication converts selected audit standards and guidelines into practical applications using detailed examples and vivid graphics - including definitions of over 140 acronyms helpful in auditing and reviewing.
Contributed by ISACA on 29 May 2010
|
Compliance is a fact of business life that challenges organizations of all sizes. Just ticking off boxes on audits is not enough to keep you secure. You must account for compliance in your physical and virtualized environments. Read this paper to learn about an operational security solution that delivers compliance as an ongoing feature.
Contributed by ISACA on 29 May 2010
|
|
|