IT Auditing Using Controls to Protect Information Assets (2nd ed)

Chris Davis, Mike Schiller, Kevin Wheeler

Published by

McGraw-Hill

ISBN

978-0-07-174238-2

RRP

£51.99

Reviewed by

Elias Pimenidis MBCS CITP

Score

9 out of 10

IT AuditingWritten by professionals and consultants for the benefit of practising IT auditors, this book is an invaluable manual. It does not describe and evaluate tools and techniques, but instead focuses on the planning of effective audits to ensure that an organisation’s valuable information assets are adequately protected.

The book covers the full topics that IT auditors need to be aware of, plan for and assess in fulfilling their role and contributing towards protecting an organisation’s information assets. IT audit roots are discussed and explained for the benefit of novice auditors and as a refresher for the experienced ones.

Along with the traditional risks and approaches to IT auditing, new threats evolving from the use of new technologies (mobile and wireless devices) and new application domains (e.g. social networks) are addressed.

The authors discuss planning regimes and audit checklists that could serve the grounding of emerging IT auditing and information assurance professionals, but could also meet the needs of corporate managers involved in an audit. It is the authors’ view that, by allowing each party to understand each other’s challenges, an audit could be planned and executed efficiently, effectively and without disturbing the normal flow of operations.

The author’s main aims are to a) provide guidance as to how to perform IT audits while maximising the value provided to the audited organisation, b) explain the basic topics, processes and technologies employed in an IT audit and c) provide exposure to IT audit standards and frameworks, as well as the regulations that are currently driving the IT auditing profession.

In my view they have met all their aims and have delivered a book that should prove a great toolkit for IT audit professionals. Business managers, academics and postgraduate research students should find it equally attractive. Overall this work is of very good value for money.

Further Information: McGraw-Hill

April 2011