This book provides a comprehensive guide to implementing an integrated and flexible set of IT controls in a systematic way, helping organisations to formulate a complete culture for all areas which must be supervised and controlled.
Nowadays, integrated information systems can significantly magnify the accrued benefits of a given project and greatly strengthen an organisation, but such benefits are balanced by a serious risk. If IT systems are not used in a disciplined manner they can create havoc and they frequently bring about unexpected results and catastrophe, as shown by the rise in security incidents and computer-based crimes.
Making use of a clear and pragmatic presentation, this book provides a thorough description of all elements of IT controls in a systematic and detailed way, allowing managers, IT professionals, practitioners and auditors to customise examples to their own specific purpose.
It is a comprehensive tool for anyone who wishes to cement their understanding of IT controls and, most importantly, for those who aim to realise the full capacity of information systems, whilst rigorously controlling the concomitant risks.
Written with practicality and convenience in mind, this book is an ideal tool for those without specialised technical expertise seeking to understand IT controls and their design, implementation, monitoring, review and audit issues.
This book provides a comprehensive guide to implementing an integrated and flexible set of IT controls in a systematic way. It can help organisations to formulate a complete culture for all areas which must be supervised and controlled; allowing them to simultaneously ensure a secure, high standard whilst striving to obtain the strategic and operational goals of the company.
This book contains practical advice and illustrates solutions to the tremendously complicated problems of designing, implementing and auditing new and existing systems, making use of practical and easily customisable examples.
With well-controlled, integrated and robust IT systems, you can gain a comparative advantage in a competitive environment, whilst ensuring that information is relevant, accurate and timely.
For each covered aspect of control, this book provides audit programmes and checklists to help management and auditors carry out reviews and audits. As an additional aid, there is an appendix comprising guidelines and examples of ‘how to enhance’ IT security, IT policies and ethical code. Auditors will find reference to a large number of very relevant tools for use in auditing and reviewing IT operations.
“John Kyriazoglou has produced a book that is very thorough, useful and a good source of information on a complex subject area ... John Kyriazoglou has a wealth of experience in this area and he has shared this well with the wider community. His book is a welcome addition to the field.”
- Rob Ratcliff, UKSMA Chair
John Kyriazoglou is an IT and management consultant with over 35 years’ experience of working around the world in a wide variety of organisations and economic sectors. Key roles have included IT Manager, Internal Audit Manager and MD of a service company.
John has presented at over 25 international conferences and currently gives courses on IT auditing, security and electronic crimePrevention. He has written numerous articles for professional publications and is the author of IT Strategic and Operational Controls, also published by IT Governance.