IT Strategic and Operational Controls

Description

Vital information on how to systematically implement IT strategic and operational controls to support and enhance your organization!

Nowadays, integrated information systems can significantly magnify the accrued benefits of a given project and greatly strengthen an organization, but such benefits are balanced by a serious risk. If IT systems are not used in a disciplined manner they can create havoc and they frequently bring about unexpected results and catastrophe, as shown by the rise in security incidents and computer-based crimes.

Master IT controls concepts and issues

Written with practicality and convenience in mind, this book is an ideal tool for those without specialized technical expertise seeking to understand IT controls and their design, implementation, monitoring, review, and audit issues.

Minimize risk and maximize benefits

This book provides a comprehensive guide to implementing an integrated and flexible set of IT controls in a systematic way. It can help organizations to formulate a complete culture for all areas which must be supervised and controlled, allowing them to simultaneously ensure a secure, high standard while striving to obtain the strategic and operational goals of the company.

Benefits to business include:

• Understand and control the associated risks of IT systems

  This book contains practical advice and illustrates solutions to the tremendously complicated problems of designing, implementing, and auditing new and existing systems, making use of practical and easily customizable examples.

• Increase management’s aptitude to achieve operational goals

  With well-controlled, integrated, and robust IT systems, you can gain a comparative advantage in a competitive environment, while ensuring that information is relevant, accurate, and timely.

• Ensure high standards within your IT systems

  For each covered aspect of control, this book provides audit programs and checklists to help management and auditors carry out reviews and audits. As an additional aid, there is an appendix comprising guidelines and examples of "how to enhance" IT security, IT policies, and ethical code. Auditors will find reference to a large number of very relevant tools for use in auditing and reviewing IT operations.

Making use of a clear and pragmatic presentation, this book provides a thorough description of all elements of IT controls in a systematic and detailed way, allowing managers, IT professionals, practitioners, and auditors to customize examples to their own specific purpose. It is a comprehensive tool for anyone who wishes to cement their understanding of IT controls and, most importantly, for those who aim to realize the full capacity of information systems, while rigorously controlling the concomitant risks.  

About the Author

John Kyriazoglou is an international management consultant with over 35 years’ on-the-job practical experience with both private and public sector organizations. He was educated in Canada and the US (BA Hons, and MS), is a CICA (Certified Internal Controls Auditor), has published over 20 articles in professional publications, has served on numerous scientific committees, is a member of ISACA, the Institute for Internal Controls, Inc. (US), and other professional and cultural associations, and provides courses in IT Auditing, Security and Electronic Crime Prevention.