Index
I/O components ICMP (Internet Control Message Protocol) ideal Certified Information Systems Auditor candidate 2nd 3rd identification 2nd 3rd 4th IDS (intrusion-detection systems) 2nd impact implementation security 2nd 3rd access standards auditing logical access 2nd data ownership formal security awareness and training 2nd logical access policies reviewing policies and procedures security administrators implementation (application systems) acquisition processes 2nd change control and emergency change-management 2nd implementation practices 2nd implementation (SDLC) 2nd 3rd improving business processes benchmarking 2nd 3rd 4th BRP (business process re-engineering) 2nd 3rd 4th performance indicators 2nd 3rd 4th incident handling and response incremental backups information owners security management responsibilities Information Systems Auditing Association. [See ISACA] Information Systems Security information-gathering techniques 2nd 3rd 4th informative policies inherent risk input authorization 2nd input/output controls batch controls input authorization 2nd Insecure installing Certified Tech Trainers CD-ROM 2nd insurance liability insurance 2nd property insurance 2nd integrated audits integrity transaction integrity integrity controls 2nd interface/integration testing internal accounting controls internal controls. [See controls] International Organization for Standardization. 
[See ISO] Internet Internet Control Message Protocol (ICMP) Internet Protocol (IP) interoperability system upgrade risks intranets intruders intrusion methods 2nd active attacks 2nd passive attacks 2nd viruses 2nd worms intrusion-detection systems (IDS) 2nd invitation to tender (ITT) 2nd 3rd IP (Internet Protocol) IPSec IS auditors security management responsibilities operational practices 2nd risks and controls 2nd organization and structure evaluating 2nd 3rd 4th 5th outsourcing 2nd 3rd 4th 5th segregation of duties 2nd 3rd policies 2nd BCP (business continuity management) 2nd 3rd contingency policies contract management 2nd 3rd 4th 5th 6th 7th 8th 9th deployment 2nd development 2nd 3rd 4th development: advisory policies development: informative policies development: regulatory policies DRP (disaster recovery planning) 2nd 3rd ensuring compliance with 2nd 3rd financial and accounting policies hardware policies network policies operations policies organizational policies planning policies problem- and change management 2nd 3rd project management 2nd 3rd 4th quality management 2nd 3rd 4th 5th security management 2nd 3rd 4th 5th 6th 7th security policies procedures 2nd 3rd 4th definition of ensuring compliance with 2nd 3rd project management 2nd 3rd 4th project life cycle 2nd risk indicators 2nd system upgrade risks 2nd roles and responsibilities 2nd 3rd security committees security management responsibilities strategies 2nd BCP (business continuity management) 2nd 3rd contract management 2nd 3rd 4th 5th 6th 7th 8th 9th DRP (disaster recovery planning) 2nd 3rd problem- and change management 2nd 3rd project management 2nd 3rd 4th quality management 2nd 3rd 4th 5th risk-mitigation strategies 2nd 3rd security management 2nd 3rd 4th 5th 6th 7th steering committees 2nd strategic planning 2nd IS (information systems) audits 2nd 3rd attestation 2nd attribute sampling 2nd compliance testing 2nd findings and recommendations 2nd SAS 70 2nd SAS 94 2nd substantive testing 
variance sampling 2nd 3rd IS audit process 2nd administrative audits aligning controls with business objectives applications 2nd data management IT department heads IT steering committees 2nd operations organizational structure 2nd 3rd quality assurance security department 2nd strategic planning 2nd technical support audit conclusions 2nd evidence 2nd 3rd 4th 5th 6th information-gathering techniques 2nd 3rd 4th organization's use of system platforms, IT infrastructure, and applications 2nd audit phases 2nd communicating audit results 2nd 3rd 4th communication techniques 2nd compliance audits controls administrative controls internal accounting controls objectives and activities 2nd 3rd 4th operational controls table of 2nd CSA (control self-assessment) 2nd financial audits information systems audits 2nd 3rd attestation 2nd attribute sampling 2nd compliance testing 2nd findings and recommendations 2nd SAS 70 2nd SAS 94 2nd substantive testing variance sampling 2nd 3rd integrated audits ISACA CobiT framework 2nd 3rd ISACA Code of Professional Ethics 2nd 3rd 4th ISACA IS Auditing Guidelines and Procedures 2nd ISACA IS Auditing Standards 2nd 3rd codification 2nd table of 2nd 3rd operation audits personnel-management techniques 2nd 3rd planning and management techniques 2nd 3rd 4th 5th 6th practice questions 2nd 3rd reports 2nd 3rd review 2nd risk management and control practices 2nd IS, business, and audit risk 2nd 3rd risk-analysis methods 2nd 3rd risk-based audit strategy and objectives 2nd 3rd segregation of duties 2nd IS steering committees 2nd ISACA (Information Systems Auditing Association) CobiT framework 2nd 3rd Code of Professional Ethics 2nd 3rd 4th IS Auditing Guidelines and Procedures 2nd IS Auditing Standards 2nd 3rd codification 2nd table of 2nd 3rd ISO (International Organization for Standardization) ISO 9001 2nd ISO 9126 2nd IT department heads developers security management responsibilities organizational structure 2nd 3rd 4th policies 2nd contingency 
policies financial and accounting policies hardware policies network policies operations policies organizational policies planning policies security policies risk management 2nd segregation of duties 2nd steering committees 2nd ITT (invitation to tender) 2nd 3rd