what

job title, keywords

where

city, state, zip

 

 

Auditor’s Guide to IT Auditing, Second Edition

 

 

By Richard E. Cascarino

 

IT audit has been an area that many traditional or old school auditors have tried to avoid or rely on others to address. Given the current technology driven business and government environment it is no longer a path that auditors should seek to journey!  According to the International Standards for the Professional Practice of Internal Auditing (Standards),

 

1210.A3 - Internal auditors must have sufficient knowledge of key information technology risks and controls and available technology-based audit techniques to perform their assigned work.

 

While the Standards do not require all internal auditors to have the expertise of an internal auditor whose primary responsibility is information technology auditing it is important that EVERY auditor understand IT risks and controls.

 

This updated edition of Richard Cascarino’s book is a must read for all internal auditors regardless of their responsibilities.  Because technology is integrated into every aspect of business the CAE should ensure that all audit staff have the knowledge, skills and abilities to evaluate the IT risks and controls. The book covers that latest technology issues including Software as a Service (SaaS) or more commonly referred to as the Cloud. 

The author provides control objectives and risks, common problems, and audit procedures for IT audit areas including detailed audit programs for application systems, logical access control, UNIX/LINUS and VISTA/Windows 7.

 

As AuditNet® has continuously promoted the use of technology for audit an excellent bonus is the companion Website where those who purchase the book can download an educational version of IDEA – Data Analysis Software.

 

I have not come across any book on IT Audit that covers the material in such a straight forward easy to understand format. Fill in the gap in your department’s professional library with The Auditor’s Guide to IT Auditing as a reference for all staff. If you or your staff are preparing for the CISA or CISM exams then this is a must have study guide.

JK June 2012