List of Figures

Chapter 1: Building an Effective Internal IT Audit Function

Figure 1-1: Audit committee board of directors

Figure 1-2: Potential auditing subject areas.

Chapter 2: The Audit Process

Figure 2-1: Types of internal controls and their implementation.

Figure 2-2: Example audit ranking table.

Figure 2-3: Audit process overview.

Figure 2-4: Audit process overview-planning stage.

Figure 2-5: Audit process overview-fieldwork and documentation stage.

Figure 2-6: Audit process overview-issue discovery and validation stage.

Figure 2-7: Audit process overview-solution development stage.

Figure 2-8: Audit process overview-report drafting and issuance stage.

Figure 2-9: Audit process overview-issue-tracking stage.

Chapter 4: Auditing Data Centers and Disaster Recovery

Figure 4-1: Data-processing hierarchy.

Chapter 6: Auditing Windows Operating Systems

Figure 6-1: Auditing hosts model.

Figure 6-2: Retina scanner.

Chapter 7: Auditing Unix and Linux Operating Systems

Figure 7-1: Unix permissions.

Chapter 11: Auditing WLAN and Mobile Devices

Figure 11-1: Example WLAN architecture.

Figure 11-2: Service provider illustration.

Figure 11-3: Network Stumbler in action.

Chapter 13: Frameworks and Standards

Figure 13-1: COSO cube.

Figure 13-2: Expanded COSO cube.

Figure 13-3: CoBIT framework.

Figure 13-4: IT Governance Institute maturity scale.

Figure 13-5: IT Governance Institute maturity model for internal control.

Figure 13-6: CoBIT-COSO relationships.

Chapter 15: Risk Management

Figure 15-1: Risk-management life cycle.

Figure 15-2: Business function decomposition.

Figure 15-4: Risk-management process.

Figure 15-3: Credit card process diagram.