This book is organized into three parts. Part I, "Audit Overview," helps you understand the IT audit process, how to build and maintain an effective IT audit team, and how to maximize the value of the IT audit function. Part II, "Audit Techniques," then helps you understand what specific components or audit steps might be necessary for an audit of a specific system or process. Finally, Part III, "Standards, Frameworks, and Regulations," covers the standards, frameworks, regulations, and risks that govern the scope of the audit function.
Part II contains a series of suggested audit programs or techniques for commonly audited systems and processes. The chapters in this section are structured to quickly help you digest the information that's most useful to you.
This part of the chapter contains information about the topic's history or background information that helps you acclimate to the subject matter.
For chapters dealing with a specific technology, this part of the chapter describes getting around within the technology, and introduces you to basic concepts, commands, and tools.
This is the meat of the chapters in Part II, providing the details on what the auditor should look for, why they should do so (i.e., what risk is being addressed), and how the step can be performed.
This is the audit step that should be performed This is the text immediately following the step stating why this step is important. This part states the reason, such as the risk and business need, the step should be performed.
How This describes how to perform the step. We commonly use design elements such as tables and code listings to help you navigate the content.
This is an example code listing.
This section lists the tools used in the test steps and other tools not covered but mentioned as popular for looking more closely at the technology. The purpose of this is to provide in a shortened format some of the tools readers might want to consider as they look further into the technology.
This is a list of URLs and books where readers can find more information about the topic covered in the chapter. We can't discuss everything, but we can point to other places where others discuss more than you could possibly want to know.
This check-boxed table summarizes the steps listed in the chapter. Similar to other checklists, you may need to customize this checklist according to what makes sense to you and what you consider to be your own high priorities.