This book provides a comprehensive guide to implementing an integrated and flexible set of IT controls in a systematic way, helping organizations to formulate a complete culture for all areas which must be supervised and controlled.
Nowadays, integrated information systems can significantly magnify the accrued benefits of a given project and greatly strengthen an organization, but such benefits are balanced by a serious risk. If IT systems are not used in a disciplined manner they can create havoc and they frequently bring about unexpected results and catastrophe, as shown by the rise in security incidents and computer-based crimes.
Written with practicality and convenience in mind, this book is an ideal tool for those without specialized technical expertise seeking to understand IT controls and their design, implementation, monitoring, review, and audit issues.
This book provides a comprehensive guide to implementing an integrated and flexible set of IT controls in a systematic way. It can help organizations to formulate a complete culture for all areas which must be supervised and controlled, allowing them to simultaneously ensure a secure, high standard while striving to obtain the strategic and operational goals of the company.
Making use of a clear and pragmatic presentation, this book provides a thorough description of all elements of IT controls in a systematic and detailed way, allowing managers, IT professionals, practitioners, and auditors to customize examples to their own specific purpose. It is a comprehensive tool for anyone who wishes to cement their understanding of IT controls and, most importantly, for those who aim to realize the full capacity of information systems, while rigorously controlling the concomitant risks.
John Kyriazoglou is an international management consultant with over 35 years’ on-the-job practical experience with both private and public sector organizations. He was educated in Canada and the US (BA Hons, and MS), is a CICA (Certified Internal Controls Auditor), has published over 20 articles in professional publications, has served on numerous scientific committees, is a member of ISACA, the Institute for Internal Controls, Inc. (US), and other professional and cultural associations, and provides courses in IT Auditing, Security and Electronic Crime Prevention.