A complete and definitive guide to auditing the security of IT systems for managers, CIOs, controllers, and auditors

This up-to-date resource provides all the tools you need to perform practical security audits on the entire spectrum of a company’s IT platforms–from the mainframe to the individual PC–as well as the networks that connect them to each other and to the global marketplace. Auditing and Security: AS/400, NT, Unix, Networks, and Disaster Recovery Plans is the first book on IT security written specifically for the auditor, detailing what controls are necessary to ensure a secure system regardless of the specific hardware, software, or architecture a company runs. The author uses helpful checklists and diagrams and a practical, rather than theoretical, method to understanding and auditing a company’s IT security systems and their requirements. This comprehensive volume covers the full range of issues relating to security audits, including:

• Hardware and software
• Operating systems
• Network connections
• The cooperation of logical and physical security systems
• Disaster recovery planning