Building on the COBIT 5 framework, this guide focuses on assurance and provides more detailed and practical guidance for assurance professionals and other interested parties at all levels of the enterprise on how to use COBIT 5 to support a variety of IT assurance activities.

Designed to facilitate the use of audit data analytics (ADAs) in the financial statement audit, this title was developed by leading experts across the profession and academia. The guide defines audit data analytics as “the science and art of discovering and analyzing patterns, identifying anomalies, and extracting other useful information in data underlying or related to the subject matter of an audit through analysis, modeling, and visualization for planning or performing the audit.” Simply put, ADAs can be used to perform a variety of procedures to gather audit evidence. Each chapter focuses on an audit area and includes step-by-step guidance illustrating how ADAs can be used throughout the financial statement audit. Suggested considerations for assessing the reliability of data are also included in a separate appendix.

This annual edition provides accountants and other financial professionals with assistance in understanding and applying the special considerations required in a single audit. It is an indispensable resource for auditors performing Yellow Book audits. This new edition provides up-to-date information and expert guidance on single audits and Uniform Guidance compliance audit requirements, including example auditor reports for both the reporting required under Government Auditing Standards and the Uniform Guidance compliance audit.

Of all the audit functions faced by QA, software auditing is probably the most difficult because of the need to know and understand the intricacies of the processes being audited. In addition, auditors must be familiar with and understand the implications of the international and national standards and know how to proceed when deficiencies are revealed. Howard Garston Smith is Software Quality Assurance Auditor for Pfizer, UK, and brings twenty years of expertise in software development and auditing to this incredibly detailed manual. He provides the "what to" and the "how to" of software QA auditing in a clear and practical style that guarantees effective software quality audits.

"This book offers comprehensive explanations of topics in computer system security in order to combat the growing risk associated with technology"--Provided by publisher.

This new edition provides up-to-date information and expert guidance on single audits and Uniform Guidance compliance audit requirements, including example auditor reports for both the financial statement audit and the Uniform Guidance compliance audit. It provides nonfederal entities receiving federal awards with important information on implementing the Uniform Guidance.

Best practices for protecting critical data and systems Information Assurance Handbook: Effective Computer Security and Risk Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches and other information assurance failures. This practical resource explains how to integrate information assurance into your enterprise planning in a non-technical manner. It leads you through building an IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for small businesses and global enterprises alike. Common threats and vulnerabilities are described and applicable controls based on risk profiles are provided. Practical information assurance application examples are presented for select industries, including healthcare, retail, and industrial control systems. Chapter-ending critical thinking exercises reinforce the material covered. An extensive list of scholarly works and international government standards is also provided in this detailed guide. Comprehensive coverage includes: Basic information assurance principles and concepts Information assurance management system Current practices, regulations, and plans Impact of organizational structure Asset management Risk management and mitigation Human resource assurance Advantages of certification, accreditation, and assurance Information assurance in system development and acquisition Physical and environmental security controls Information assurance awareness, training, and education Access control Information security monitoring tools and methods Information assurance measurements and metrics Incident handling and computer forensics Business continuity management Backup and restoration Cloud computing and outsourcing strategies Information assurance big data concerns