The Second Edition of Auditing IT Infrastructures for Compliance provides a unique, in-depth look at recent U.S.-based information systems and IT infrastructure compliance laws in both the public and private sectors. Written by industry experts, this book provides a comprehensive explanation of how to audit IT infrastructures for compliance based on the most recent laws and the need to protect and secure business and consumer privacy data. Using examples and exercises, this Second Edition incorporates numerous hands-on activities to prepare readers to skillfully complete IT compliance auditing.
New and Key Features of the Second Edition
- Includes updates on new pertinent laws and regulations, including FISMA and DoD
- References all new standards such as COBIT, SANS, ISACA, ISO/IEC 27001 and CRMA
- New sections added on the Children’s Online Privacy Protection Act (COPPA), Service Organization Control (SOC) Reports, the NIST Cybersecurity Framework, and Certification in Risk Assessment (CRMA)
- Tips, Notes, FYIs, and Warnings appear throughout the text and provide helpful information related to the subject at hand
This title is available with a lab manual that allows students to put their classroom skills to work through numerous laboratory exercises.
|Lab #1:||Assessing the Impact of Sarbanes-Oxley (SOX) Compliance Law on Enron|
|Lab #2:||Aligning Auditing Frameworks for a Business Unit Within DoD|
|Lab #3:||Defining a Process for Gathering Information Pertaining to a HIPAA Compliance Audit|
|Lab #4:||Aligning an IT Security Assessment – Risk, Threats, and Vulnerability Assessments – to Achieve Compliance|
|Lab #5:||Defining a Process for Gathering Information Pertaining to a GLBA Compliance Audit|
|Lab #6:||Auditing the Workstation Domain for Compliance|
|Lab #7:||Auditing the LAN-to-WAN Domain for Compliance|
|Lab #8:||Auditing the Remote Access Domain for Compliance|
|Lab #9:||Auditing the Systems/Application Domain for Compliance|
|Lab #10:||Charting Your Career Path – Professional Certifications|
|Chapter 1:||The Need for Information Systems Security Compliance|
|Chapter 2:||Overview of U.S. Compliancy Laws|
|Chapter 3:||What Is the Scope of an IT Compliance Audit?|
|Chapter 4:||Auditing Standards and Frameworks|
|Chapter 5:||Planning an IT Infrastructure Audit for Compliance|
|Chapter 6:||Conducting an IT Infrastructure Audit for Compliance|
|Chapter 7:||Writing the IT Infrastructure Audit Report|
|Chapter 8:||Compliance Within the User Domain|
|Chapter 9:||Compliance Within the Workstation Domain|
|Chapter 10:||Compliance Within the LAN Domain|
|Chapter 11:||Compliance Within the LAN-to-WAN Domain|
|Chapter 12:||Compliance Within the WAN Domain|
|Chapter 13:||Compliance Within the Remote Access Domain|
|Chapter 14:||Compliance Within the System/Application Domain|
|Chapter 15:||Ethics, Education, and Certification for IT Auditors|
- To describe the role of ISS compliance in relation to U.S. compliance laws.
- To explain the use of standards and frameworks in a compliance audit of an IT infrastructure.
- To describe the components and basic requirements for creating an audit plan to support business and system considerations.
- To describe the different parameters required to conduct and report on an IT infrastructure audit for organizational compliance.
- To describe information security systems compliance requirements within the User Domain.
- To describe information security systems compliance requirements within the Workstation and LAN Domains.
- To use an appropriate framework to implement ISS compliance within the LAN-to-WAN and WAN Domains.
- To describe information security systems compliance requirements within the Remote Access Domain.
- To describe the information security systems compliance requirements within the System/Application Domain.
- To describe the qualifications, ethics, and certification organizations for IT auditors.
Instructor Resources include: