Modernizing Enterprise IT Audit Governance and Management Practices

Information technology auditing examines an organization's IT infrastructure, applications, data use, and management policies, procedures, and operational processes against established standards or policies. Modernizing Enterprise IT Audit Governance and Management Practices provides a guide for internal auditors and students to understand the audit context and its place in the broader information security agenda. The book focuses on technology auditing capabilities, risk management, and technology assurance to strike a balance between theory and practice.

This book covers modern assurance products and services for emerging technology environments, such as Dev-Ops, Cloud applications, Artificial intelligence, cybersecurity, blockchain, and electronic payment systems. It examines the impact of the pandemic on IT Audit transformation, outlines common IT audit risks, procedures, and involvement in major IT audit areas, and provides up-to-date audit concepts, tools, techniques, and references. This book offers valuable research papers and practice articles on managing risks related to evolving technologies that impact individuals and organizations from an assurance perspective. The inclusive view of technology auditing explores how to conduct auditing in various contexts and the role of emergent technologies in auditing. The book is designed to be used by practitioners, academicians, and students alike in fields of technology risk management, including cybersecurity, audit, and technology, across different roles.

The many academic areas covered in this publication include, but are not limited to:

• Audit Strategy for Cloud Deployments
• Auditing Electronic Payment Systems
• Auditing Practices to Ensure Data Integrity Issues
• Auditing To Address Machine and Data Bias
• Big Data Risks and Controls
• Controls for Dev-Ops Security
• Cybersecurity Frameworks (COBIT, NIST CSF, HITRUST CSF, and ISO 27001)
• Cybersecurity Maturity Model Certification (CMMC)
• Emerging Audit Designs for Ransomware Threat
• Fintech
• Human Elements of Information Security
• Impact of AI/ML on Cybersecurity Practices
• Impact of AI/ML on IT Auditing
• Influences of Blockchain Technology on The Auditing Profession
• IT Audit Transformation
• Method Of Evaluating Algorithmic Bias Risks
• Red Team Assessments
• Risk Management
• Secure Agile Product Development
• Social Impacts