IT Audit, Control, and Security

Introduction.
 
Part One Auditing Internal Controls in an IT Environment.
 
Chapter 1 SOx and the COSO Internal Controls Framework.
 
Roles and Responsibilities of IT Auditors.
 
Importance of Effective Internal Controls and COSO.
 
COSO Internal Control Systems Monitoring Guidance.
 
Sarbanes-Oxley Act.
 
Wrapping It Up: COSO Internal Controls and Sox.
 
Notes.
 
Chapter 2 Using CobiT to Perform IT Audits.
 
Introduction to CobiT.
 
CobiT Framework.
 
Using CobiT to Assess Internal Controls.
 
Using CobiT in a SOx Environment.
 
CobiT Assurance Framework Guidance.
 
CobiT in Perspective.
 
Notes.
 
Chapter 3 IIA and ISACA Standards for the Professional Practice of Internal Auditing.
 
Internal Auditing's International Professional Practice Standards.
 
Content of the IPPF and the IIA International Standards.
 
Strongly Recommended IIA Standards Guidance.
 
ISACA IT Auditing Standards Overview.
 
Codes of Ethics: The IIA and ISACA.
 
Notes.
 
Chapter 4 Understanding Risk Management Through COSO ERM.
 
Risk Management Fundamentals.
 
Quantitative Risk Analysis Techniques.
 
IIA and ISACA Risk Management Internal Audit Guidance.
 
COSO ERM: Enterprise Risk Management.
 
IT Audit Risk and COSO ERM.
 
Notes.
 
Chapter 5 Performing Effective IT Audits.
 
IT Audit and the Enterprise Internal Audit Function.
 
Organizing and Planning IT Audits.
 
Developing and Preparing Audit Programs.
 
Gathering Audit Evidence and Testing Results.
 
Workpapers and Reporting IT Audit Results.
 
Preparing Effective IT Audits.
 
Notes.
 
Part Two Auditing IT General Controls.
 
Chapter 6 General Controls in Today's IT Environments.
 
Importance of IT General Controls.
 
IT Governance General

Robert R. Moeller (Evanston, IL), CPA, CISA, PMP, CISSP, is the founder of Compliance and control Systems Associates, a consulting firm that specialized in internal audit and project management with a strong understanding of information systems, corporate governance and security. He has over 30 years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. He held positions with Grant Thornton (National Director of Computer Auditing) and Sears Roebuck (Audit Director). A frequently published author and professional speaker, Moeller provides insights into many of the new rules impacting internal auditors today as well as the challenges audit committees face when dealing with Sarbanes-Oxley, internal controls, and their internal auditors. Moeller is the former president of the Institute of Internal Auditor s Chicago chapter and has served on the IIA s International Advanced Technology Committee. He is also the former chair of the AICPA s Computer Audit Subcommittee.