Auditing Information Systems Security
S. Rao Vallabhaneni, SRV Professional Publications
Why Audit Information Systems and Security?
Government Laws, Directives, and Regulations: The Sarbanes-Oxley Act of 2002
Professional Auditing Standards
Risks and Exposures, Including Computer Crime and Fraud
What Is the Scope of the Information Security Audit?
Who Performs the Information Systems Security Audits?
What Is the Management's Response to the Audit Results?
Audit Objectives, Audit Work Programs, and Audit Tools and Techniques
Appendix: Government Laws, Directives, and Regulations
U.S. Computer Security Act of 1987
U.S. OMB Circular A-130, Management of Federal Information Resources
U.S. OMB Circular A-123, Internal Control Systems
U.S. Freedom of Information Act
Security and Freedom Through Encryption (SAFE) Act
Electronic Communications Privacy Act (ECPA)
The Economic Espionage and Protection of Proprietary Economic Information Act of 1996
U.S. Federal Sentencing Guidelines
Organization for Economic Cooperation and Development (OECD)
Get Handbook of Information Security: Threats, Vulnerabilities, Prevention, Detection, and Management, Volume 3 now with the O’Reilly learning platform.