Volume 3, 2011 

The ISACA Journal is dedicated to the publication of managerial and technical guidance from experienced global authors to enhance the proficiency and competitive advantage of its international readership. With volume 3, 2011, the Journal focuses on the theme Data Miners, with articles on data security risks of cloud computing, automated audit testing and IFRS implementation, among others.

CPE Quiz
Quiz 136
Based on Volume 1, 2011
Features
Automated Audit Testing for SAP Data—Benefit or Just Another Black Box?
Stefan Wenig and Kyung-Hee Anita Kim-Reinartz
This article discusses ways to standardize data extraction and audit routines.
Every Silver Cloud Has a Dark Lining
Carl Cadregari, CISA, and Alfonzo Cutaia, Esq.
Organizations need to be agile so that they can adapt to the storms on the horizon.
General Auditing for IT Auditors
Danny M. Goldberg, CISA, CGEIT, CIA, CPA
This article focuses on the general (i.e., financial, controls and operational) audit process, where IT fits into this process and how to bring it all together.
Math on Malware
Henk-Jan van der Molen
The purpose of this article is to use the insights of network theory in the discussion of how the malware problem can be reduced.
Questions That Must Be Addressed for a Successful IFRS Implementation
William C. Brown, CISA, CPA, and Byron J. Pike, CPA
The US Securities and Exchange Commission (SEC) is planning what could be among the largest changes in the history of American accounting.
The Assimilation of Marketing’s Service Quality Principles and the IT Auditing Process
Thomas J. Bell III, Ph.D., CISA, PMP, and Thomas Smith, Ph.D.
This article discusses techniques that IT auditors can use to improve the quality of their Statement on Auditing Standards (SAS) No. 70 auditing services.
Five Questions
Five Questions With...
Francisco Garcia Moran
Garcia Moran started his career as a teacher and IT engineer at the University of Seville (Spain).
HelpSource Q&A
HelpSource Q&A
Gan Subramaniam, CISA, CISM, CCNA, CCSA, CIA, CISSP, ISO 27001 LA, SSCP
How can we calculate the cost of security incidents, and is there any formula that is readily available and widely followed?
Information Security Matters
Who Pays for Security?
Steven J. Ross, CISA, CISSP, MBCP
Given a certain level of security over information resources in an organization, who is paying for it in any given organization?
IT Audit Basics
Understanding and Applying Benford’s Law
Tommie W. Singleton, Ph.D., CISA, CGEIT, CITP, CPA
This article will attempt to describe what Benford’s Law is, when it could apply and what constraints to consider before applying it in an IT audit.
Online Exclusive
JOnline: An Introduction to Incident Preparedness and Operational Continuity Management Based on ISO/PAS 22399:2007
Haris Hamidovic, CIA, ISMS IA, ITIL-F, IT Project+
The main objective of this article is to provide an introduction to the key elements of IPOCM, based on ISO/PAS 22399:2007.
JOnline: Book Review: Fraud Auditing and Forensic Accounting, 4th Edition
Tommie W. Singleton and Aaron J. Singleton | Reviewed by Horst Karin, Ph.D., CISA, CISP, ITIL
The mission of this book is to provide a comprehensive textbook filled with knowledge, experience and methodologies for the financial auditor, fraud auditor and forensic accountant.
JOnline: Top IT Governance Issues of 2011
Larry Marks, CISA, CGEIT, CRISC, CFE, CISSP, PMP
This article seeks to identify a tentative list of the most prominent issues that are impacting stakeholders in the governance space in 2011.
Standards, Guidelines, Tools and Techniques
Standards, Guidelines, Tools and Techniques
ISACA Member and Certification Holder Compliance
Get an up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques.
Translated Articles