Auditing Information SystemsPiattini, Mario Idea Group Inc (IGI), 1999 M07 1 - 254 pages Society's growing dependence on information technology for survival has elevated the importance of controlling and evaluating information systems. A sound plan for auditing information systems and the technology that supports them is a necessity for organizations to improve the IS benefits and allow the organization to manage the risks associated with technology. Auditing Information Systems gives a global vision of auditing and control, exposing the major techniques and methods. It provides guidelines for auditing the crucial areas of IT--databases, security, maintenance, quality, and communications. |
Contents
1 | |
Adoption and Usage Patterns of a Framework for IT Control and Audit | 25 |
ICT Security | 38 |
Audit of Software Maintenance Process | 67 |
Auditing Data Warehouses | 109 |
Information Technology Audit Legal Aspects | 148 |
Framing Database Audit of ISOIEC 12207 Software Life Cycle Processes | 167 |
Auditing Quality is Quality Auditing | 189 |
Function Point Metric Auditing | 216 |
About the Authors | 235 |
Common terms and phrases
according activities adapted analysis application areas aspects Assessment associated audit auditor become carried changes chapter COBIT communication complexity concepts concerning consider Control Objectives correct costs cycle data warehouse database DBMS decision defined definition determine documentation effective electronic environment established Evaluation example exist external Figure Finally framework function point counting Group identify implementation important improve information systems information technology integrity internal ISO/IEC logical maintainer maintenance means measures ment mentioned methodology methods modification nature necessary obtain operation organisation organization performed person phase possible present problems procedures programs reasons requirements responsibilities result risk software product specific stage standard structure Table tasks technical techniques tests tion transactions University users usually