Program Magister Komputer

IT Audit and Governance


STMIK Eresha - This course describe about Information Technology Control and Audit, Second Edition is an excellent introductory textbook for IT auditing. It covers a wide range of topics in the field including the audit process, the legal environment of IT auditing, security and privacy, and much more. This textbook first examines the foundation of IT audit and control, discussing what IT auditing involves and the guidance provided by organizations in dealing with control and auditability issues. It then analyzes the process of audit and review, explores IT governance and control, and discusses the CobiT framework and steps that align IT decisions with business strategy. This volume examines project management processes that ensure that projects are controlled from inception through integration. It continues by addressing auditing IT acquisition and implementation, describing risks and controls as related to the life cycle of application systems. It highlights the purchase and installation of new systems, as well as change management.

 

The next section examines the auditing of IT operations in both standalone and global environments, covering types of IT operation, issues related to specific platforms, risk and control assessment, and audit methods and support tools. The textbook concludes with a review of emerging issues, providing undergraduate and graduate students with a thorough overview of a topic critical to organizational security and integrity.This up-to-the-minute guide helps you become more proactive and meet the growing demand for integrated audit services in the 21st century.

Wide-ranging in scope, Information Technology Audits offers expert analysis, practical tools, and real-world techniques designed to assist in preparing for and performing integrated IT audits. Written by a seasoned auditor with more than 22 years of IT audit experience, Information Technology Audits provides the first practical, hands-on look at how organizations use and control information to meet business objectives, and offers strategies to assess whether the company's controls adequately protect its information systems.

Lecture :
1. Ir. Herman Josef Kusumadiantho, M.Kom. (download materi)