- Page 1: IS Standards, Guidelines and Proced
- Page 4 and 5: Code of Professional Ethics The Info
- Page 6 and 7: IS Auditing Standards Overview Issue
- Page 8 and 9: IS Auditing Standards Issued by Info
- Page 10 and 11: 03 The IS auditor should plan the i
- Page 12 and 13: information provided, appropriate t
- Page 14 and 15: Operative Date 14 This ISACA standar
- Page 16 and 17: IS Auditing Guidelines G1 Using the
- Page 18 and 19: G2 Audit Evidence Requirement 1. BAC
- Page 20 and 21: G3 Use of Computer Assisted Audit T
- Page 22 and 23: G3 Use of Computer Assisted Audit T
- Page 24 and 25: G4 Outsourcing of IS Activities to
- Page 26 and 27: G5 Audit Charter continued 2.3.2 The
- Page 28 and 29: G6 Materiality Concepts for Auditin
- Page 30 and 31: G8 Audit Documentation 1. BACKGROUND
- Page 32 and 33: • Organisational characteristics;
- Page 34 and 35: G10 Audit Sampling 1. BACKGROUND 1.1
- Page 36 and 37: G10 Audit Sampling continued 2.5.2 A
- Page 38 and 39: G11 Effect of Pervasive IS Controls
- Page 40 and 41: G11 Effect of Pervasive IS Controls
- Page 42 and 43: G12 Organisational Relationship and
- Page 46 and 47: G14 Application Systems Review 1. BA
- Page 48 and 49: G15 Planning 1. BACKGROUND 1.1 Linka
- Page 50 and 51: G16 Effect of Third Parties on an O
- Page 52 and 53: G16 Effect of Third Parties on an O
- Page 54 and 55: G17 Effect of Nonaudit Role on the
- Page 56 and 57: G17 Effect of Nonaudit Role on the
- Page 58 and 59: G18 IT Governance continued 4.1.3 Th
- Page 60 and 61: G18 IT Governance continued • Info
- Page 62 and 63: G19 Irregularities and Illegal Acts
- Page 64 and 65: G19 Irregularities and Illegal Acts
- Page 66 and 67: G20 Reporting continued 2.1.1 The pu
- Page 68 and 69: G20 Reporting continued • Statemen
- Page 70 and 71: G21 Enterprise Resource Planning (E
- Page 72 and 73: G21 Enterprise Resource Planning (E
- Page 74 and 75: G21 Enterprise Resource Planning (E
- Page 76 and 77: G21 Enterprise Resource Planning (E
- Page 78 and 79: G22 Business-to-consumer (B2C) E-co
- Page 80 and 81: G22 Business-to-consumer (B2C) E-co
- Page 82 and 83: G22 Business-to-consumer (B2C) E-co
- Page 84 and 85: G22 Business-to-consumer (B2C) E-co
- Page 86 and 87: G23 System Development Life Cycle (
- Page 88 and 89: G23 System Development Life Cycle (
- Page 90 and 91: G24 Internet Banking continued • I
- Page 92 and 93: G24 Internet Banking continued 6.1.2
- Page 94 and 95: G24 Internet Banking continued 7.2.4
- Page 96 and 97: G24 Internet Banking continued REFER
- Page 98 and 99: G25 Review of Virtual Private Netwo
- Page 100 and 101: 3.6 Operating Risk 3.6.1 Risks such
- Page 102 and 103: • Highlight the risks and issues
- Page 104 and 105: G26 Business Process Reengineering
- Page 106 and 107: G26 Business Process Reengineering
- Page 108 and 109: G26 Business Process Reengineering
- Page 110 and 111: G27 Mobile Computing 1. BACKGROUND 1.
- Page 112 and 113: G27 Mobile Computing continued • N
- Page 114 and 115: G28 Computer Forensics 1. BACKGROUND
- Page 116 and 117: G28 Computer Forensics continued •
- Page 118 and 119: G28 Computer Forensics continued 7.2
- Page 120 and 121: G29 Post-implementation Review 1. BA
- Page 122 and 123: G29 Post-implementation Review cont
- Page 124 and 125: G29 Post-implementation Review cont
- Page 126 and 127: G30 Competence continued 1.4.6 This
- Page 128 and 129: G30 Competence continued 4. RECORDS
- Page 130 and 131: G31 Privacy continued 1.6 Definition
- Page 132 and 133: G31 Privacy continued ■■■ Secur
- Page 134 and 135: G31 Privacy continued ■■■■
- Page 136 and 137: IS Auditing Procedures IS Risk Asses
- Page 138 and 139: IS Risk Assessment Measurement Proc
- Page 140 and 141: IS Risk Assessment Measurement Proc
- Page 142 and 143: IS Risk Assessment Measurement Proc
- Page 144 and 145: IS Risk Assessment Measurement Proc
- Page 146 and 147: IS Risk Assessment Measurement Proc
- Page 148 and 149: IS Risk Assessment Measurement Proc
- Page 150 and 151: Digital Signature and Key Managemen
- Page 152 and 153: Specific Technical Aspect of a CA Oper
- Page 154 and 155: Intrusion Detection Procedure P3 co
- Page 156 and 157: Intrusion Detection Systems (IDS) R
- Page 158 and 159: Reporting Suggested Procedures Report
- Page 160 and 161: Suggested Procedures for Preventing
- Page 162 and 163: Suggested Procedures for Preventing
- Page 164 and 165: Control Risk Self-assessment Proced
- Page 166 and 167: Control Risk Self-assessment Proced
- Page 168 and 169: Facilitated workshop using the proces
- Page 170 and 171: Control Risk Self-assessment Proced
- Page 172 and 173: Firewalls Procedure P6 continued 2.1
- Page 174 and 175: Firewalls Procedure P6 continued 2.1
- Page 176 and 177: Firewalls Procedure P6 continued •
- Page 178 and 179: Firewalls Procedure P6 continued 4.3
- Page 180 and 181: Stateful inspection/dynamic packet f
- Page 182 and 183: Suggested Procedures Confirm network
- Page 184 and 185: Firewalls Procedure P6 continued Har
- Page 186 and 187: Irregularities and Illegal Acts Pro
- Page 188 and 189: Analytical procedures Duties Applicati
- Page 190 and 191: Irregularities and Illegal Acts Pro
- Page 192 and 193: Security Assessment-Penetration Tes
- Page 194 and 195: Security Assessment-Penetration Tes
- Page 196 and 197: Internet Penetration Testing Suggested
- Page 198 and 199: Internal Penetration Testing continued
- Page 200 and 201: Web Application continued Report Sugges
- Page 202 and 203: Evaluation of Management Control Ov
- Page 204 and 205: Evaluation of Management Control Ov
- Page 206 and 207: Aspects of Encryption Organisational m
- Page 208 and 209: IS Control Professionals Standards I
- Page 210: ISACA Standards Documents Comments I