This IT self assessment tool can be used to identify gaps in capability and create the baseline for a benchmark against Cobit’s standards for best practice and identify opportunities for improvement.
This presentation provides an overview of cyber forensics – what is forensics? what is cyber forensics? who uses cyber forensics? what are the skills needed for cyber forensics?
The purpose of this report is to provide an independent assurance to government projects but its lessons are universally applicable – the same assurance discipline can be applied to IT investments.
This presentation discusses the planning and implementation of an IT audit – what are the key considerations? how to address the requirements of an IT Audit?
This presentation provides an overview of Statement on Auditing Standards aka SAS 70 auditing standard – what is SAS 70 report? what is the terminology used? how to perform a SAS 70 audit? what are the key considerations? how to use a SAS 70 report? how to evaluate a SAS 70 report?
This presentation provides an overview of the general IT audit approach at visa and discusses standardization, audit exception reporting and audit issue remediation processes.
This presentation discusses concepts, best practices, business case, and implementation guidelines for continuous auditing. It presents a case study to depict the practical application of these concepts.
This paper provides an overview of computer audit – what are the main activities in conducting a computer audit and what is the role of the computer auditor?
This excellent presentation provides an overview of information technology audit – for the non-auditor. It starts with the basics – what is an IT audit? – then goes on to establish a baseline of key terms and concepts, automated controls, difference between financial and IT controls, dispels common myths, and, how to test common IT controls.
This presentation provides a primer on virtualization, discusses things to know about virtualization from an IT audit perspective – "What IS virtualization? What are the issues? What is a reasonable, “AUDIT-READY” secure Reference Architecture?"