Rating: 
Summary: The most valuable IT audit tool
Review: This book is probably the most valuable IT audit tool in terms of providing the user(reader) with guidance in conducting IT audits on informaiton systems, intruducing tools and techniques to solve security and control problems, and explaining the latest professional standards and legislations concerning IT auditing. From the fundamental concepts to best practices, this book covers every thing you want to know about IT audit in system development, network, application and IT operation environments. In addition, a large amount of valuable information, such as information about various professional associations and their standards that apply to information technology, is provided at the end of the book in appendixes. The appendixes also provides case studies, sample audit programs, and glossary that are very helpful to those who are new to IT auditing area. As a student in IT auditing major, I found that following this book is a very effective way to build up knowledge and experience in this area.
Rating:
Summary: Critique on Information Control and Audit
Review: I personally love this book because of the following reasons: 1. This book is very easy to read- compared to the other books I have read, this book presents the contents in a very clear and concise way. 2. A very through book- the book provides people with detailed information about IS auditing. It covers most areas in which an IS auditor will utilize in his/her practice. 3. An informative book- the book provides people with different valuable tools, techniques as well as guidelines in addressing the audit, control and security problems. In addition, the book provides numerous research resources and case studies.However, the format of the book may be improved by the following suggestion: the book should use different font size to distinguish different level headings.
Rating:
Summary: Book Review
Review: For those who know nothing about auditing, this book provides a clear understanding of what auditing is. This book has great references to organizations affiliated with the field. The examples in the book are useful for understanding how to write an auditing program, with step - by - step methods on how to start an audit. Overall, two thumbs up for those who want to know what auditing is all about. Highly recommended.
Rating:
Summary: Good IT auditing book
Review: I do not understand the IT auditing field, but I know that this field has a bright future in the job market. I need a book to help me to understand the IT auditing field. Therefore, I have found out this book and finished reading all chapters. Chapters 1-3 are talking about the history and evolution of the IT auditing. Chapter 4 is about IT auditing and the IT system development. Chapters 5-8 are talking about the role and important of IT auditing in IT application review. Chapters 9-13 are talking about the role and important of IT auditing in IT operation review. Chapter 14 provides information about the legal environment and the IT auditing. Chapter 15 is about security and privacy of information system. Chapter 16 is about career planning and development, evaluating audit quality, and best practices. The final chapter 17 is about future of IT auditing. I have learned lots from this book, so I recommend to any reader who interests in the IT auditing field to buy this book.
Rating:
Summary: Do you want to explore IT auditing?
Review: The book "Information Technology Control and Audit" is a good reference not only for the beginners, but also for professionals in Information Systems auditing field. All aspects concerning Information Systems auditing are completely covered in the book, including the most current issues in the Information Systems auditing field such as security and privacy of Information Systems. Other aspects of Information Systems auditing are well laid out, starting from the importance of control and auditability, the development process, application risks and controls, the complexities of CIS operations, and other emerging issues on Information Systems auditing. On the appendix, there are cases to challenge our mind to think about real life situation. Standards and guidelines to professionally establish Information Technology is included as part of the appendix too. Therefore, I strongly recommend this book for those individuals who look for current issues and guidelines on Information Systems auditing field.
Rating:
Summary: A great tool and a great book
Review: I seem this book more than just a book, I see it as a tool as well. Unlike some other books that I have only read and hardly used, this book did provide me useful deatil and example on information auditing professional area.
Rating:
Summary: A Must-Have Reference Book
Review: I think the book is a great text book, because it provides not only profound knowledge about information technology control and audit, and also the applications in real world. For instance, in Chapter 14, The Legal Environment and Its Impart on IS Reviews, it informs readers what should be noticed in IT related contract.
Rating: 
Summary: Excellent resource for Auditors and Security Professionals
Review: The text gives a good background of Information Systems Auditing methodology and best practices. Although some of the examples of Computer Auditing Tools and references to Y2k issues are a bit dated, I recommend this text as a must read for anyone deciding to enter into the IS Auditing field and should be on the shelf of any security professional who wishes to understand IS Auditing practices. I look forward to seeing an updated version of ITCA which includes more in-depth discussions about the impact of Sarbanes-Oxley and other sweeping legislation, updated information about tools and security hazards to be on the lookout for in the course of an audit and more emphasis on incorporating CoBIT into auditing plans.
Rating:
Summary: Brilliant reading for everyone, from novices to experts
Review: "Information Technology Control and Audit" provides a comprehensive look into IS Auditing. The book starts with an introduction to the history of the profession. The author shares with his audience an in-depth look into current methodologies, strategies, and focuses of the profession using real-world scenarios that stimulate the reader. The book is filled with practical knowledge that can be immediately applied to real-world scenarios. "Information Technology Control and Audit" will suit all audiences from novices wanting to satisfy their curiosity of the IS Auditing profession and experts who would would like a reference guide for information assurance.
Rating:
Summary: An Outstanding Book for IT Audit
Review: "Information Technology Control and Audit" is a great reference book. It covers all important things you need to know about IT Audit: from planning a career to auditing a systems-development process to auditing a comflex enterprise environment. The authors share with us great practices from their combined 50 years of experience in Information Systems audit, control and security. I highly recommend this book to those who are considering entering IT audit field as well as those who are already Professionals in the field.
|
