Achieving Data Warehouse Nirvana
Christopher Reed, Yaping Wang, CISA, PMP, and Angsuman Dutta
The proposed approach outlines a framework for ensuring the integrity of data warehouse information by using end-to-end information controls.
Applying Data Analytics to IS Audit
Michael Hoesing, CISA, ACDA, CDP, CIA, CISSP, CMA, CPA
This article wishes to expand on the prior articles by providing specific implementations of data analytics to the IS audit scope of the audit universe, moving beyond financial audit techniques.
Health Care Reform Legislation Survival Guide, Part 1
Christopher P. Buse, CISA, CISSP, CPA, Larry Marks, CISA, CGEIT, CFE, CISSP, PMP, and Steve Sizemore, CISA, CGAP, CIA
This article will briefly describe the HITECH Act and its impact on IT professionals.
Five Questions With...
William R. Stanek
Stanek is a leading technology expert, an award-winning author and an instructional trainer.
Gan Subramaniam, CISA, CISM, CCNA, CCSA, CIA, CISSP, SSCP, ISO 27001 LA
Please list the ‘things we hate’ about IT security or information security from your point of view. You may also wish to add what IT security must do in terms of making amends.
Boston, Berlin, Baghdad and Bora Bora
Steven J. Ross, CISA, CISSP, MBCP
I believe that there are differences of custom, law, communications, politics and history that make the realization of a Platonic ideal of information security unachievable.
Top Five Fraud Axioms IT Auditors Should Know
Tommie W. Singleton, Ph.D., CISA, CITP, CMA, CPA
This article attempts to identify some of the most important facts about fraud that are particularly applicable to the IT audit function.
JOnline: Auditing Electronic Auction Systems
Ladislav Beranek, Ph.D., CISA
The purpose of this article is to highlight the nature of the various risks inherent in electronic auctions and to outline some controls to prevent and/or mitigate these risks.
JOnline: Security of Industrial Control Systems
Erwin van der Zwan, CISA, CISM, CISSP
The purpose of this article is to summarize the major cybersecurity issues of ICS to help improve awareness among owners, (security) professionals, auditors and policy makers and to help organizations recognize threats and vulnerabilities.
JOnline: Using Microsoft Office in Analyzing SAP SoD and Beyond
Haiyan Chen, CISA, CIA
Properly assessing SoD has increasingly become a challenge in today’s businesses, due to increasing reliance on complicated information systems and deficient knowledge of the new forms of risks posed by computerized business processes.