Information systems control and audit:
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Buch |
| Sprache: | English |
| Veröffentlicht: |
Upper Saddle River, N.J. [u.a.]
Prentice-Hall
1999
|
| Ausgabe: | repr. with corr. |
| Schlagworte: | |
| Online-Zugang: | Inhaltsverzeichnis |
| Beschreibung: | XXIV, 1013, 14 S. Ill., graph. Darst. |
| ISBN: | 0139478701 |
Internformat
MARC
| LEADER | 00000nam a2200000zc 4500 | ||
|---|---|---|---|
| 001 | BV023693203 | ||
| 003 | DE-604 | ||
| 005 | 20120404 | ||
| 007 | t | ||
| 008 | 000926s1999 xxuad|| |||| 00||| eng d | ||
| 020 | |a 0139478701 |c DM 116.95 |9 0-13-947870-1 | ||
| 035 | |a (OCoLC)833411923 | ||
| 035 | |a (DE-599)BVBBV023693203 | ||
| 040 | |a DE-604 |b ger | ||
| 041 | 0 | |a eng | |
| 044 | |a xxu |c US | ||
| 049 | |a DE-522 |a DE-634 | ||
| 082 | 0 | |a 658.4038 | |
| 100 | 1 | |a Weber, Ron |e Verfasser |4 aut | |
| 245 | 1 | 0 | |a Information systems control and audit |c Ron Weber |
| 250 | |a repr. with corr. | ||
| 264 | 1 | |a Upper Saddle River, N.J. [u.a.] |b Prentice-Hall |c 1999 | |
| 300 | |a XXIV, 1013, 14 S. |b Ill., graph. Darst. | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b n |2 rdamedia | ||
| 338 | |b nc |2 rdacarrier | ||
| 650 | 0 | 7 | |a Unternehmen |0 (DE-588)4061963-1 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Informationsmanagement |0 (DE-588)4114012-6 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Internes Kontrollsystem |0 (DE-588)4125994-4 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Innenrevision |0 (DE-588)4072820-1 |2 gnd |9 rswk-swf |
| 689 | 0 | 0 | |a Unternehmen |0 (DE-588)4061963-1 |D s |
| 689 | 0 | 1 | |a Informationsmanagement |0 (DE-588)4114012-6 |D s |
| 689 | 0 | 2 | |a Innenrevision |0 (DE-588)4072820-1 |D s |
| 689 | 0 | 3 | |a Internes Kontrollsystem |0 (DE-588)4125994-4 |D s |
| 689 | 0 | |5 DE-604 | |
| 856 | 4 | 2 | |m HBZ Datenaustausch |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017193767&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
| 999 | |a oai:aleph.bib-bvb.de:BVB01-017193767 | ||
Datensatz im Suchindex
| _version_ | 1804138719332007936 |
|---|---|
| adam_text | Brief Contents
PART I: INTRODUCTION 1
Chapter 1 Overview of Information Systems Auditing 3
Chapter 2 Conducting an Information Systems Audit 32
PART II: THE MANAGEMENT CONTROL FRAMEWORK 67
Chapter 3 Top Management Controls 69
Chapter 4 Systems Development Management Controls 103
Chapter 5 Programming Management Controls 157
Chapter 6 Data Resource Management Controls 205
Chapter 7 Security Management Controls 242
Chapter 8 Operations Management Controls 288
Chapter 9 Quality Assurance Management Controls 332
PART III: THE APPLICATION CONTROL FRAMEWORK 365
Chapter 10 Boundary Controls 367
Chapter 11 Input Controls 417
Chapter 12 Communication Controls 469
Chapter 13 Processing Controls 516
Chapter 14 Database Controls 559
Chapter 15 Output Controls 612
PART IV: EVIDENCE COLLECTION 659
Chapter 16 Audit Software 661
Chapter 17 Code Review, Test Data, and Code Comparison 708
Chapter 18 Concurrent Auditing Techniques 751
Chapter 19 Interviews, Questionnaires, and Control Flowcharts 786
Chapter 20 Performance Measurement Tools 820
PARTV: EVIDENCE EVALUATION 849
Chapter 21 Evaluating Asset Safeguarding and Data Integrity 851
Chapter 22 Evaluating System Effectiveness 888
Chapter 23 Evaluating System Efficiency 926
PART VI: INFORMATION SYSTEMS AUDIT MANAGEMENT 965
Chapter 24 Managing the Information Systems Audit Function 967
¦ vii ¦
Contents
PART I: INTRODUCTION 1
CHAPTER 1 Overview of Information Systems Auditing 3
Introduction 5
Need for Control and Audit of Computers 5
Organizational costs of data loss, 6 • Incorrect decision making, 6 • Costs of com¬
puter abuse, 7 * Value of computer hardware, software, and personnel, 9 • High
costs of computer error, 9 • Maintenance of privacy, 9 • Controlled evolution
of computer use, 10 • Information systems auditing defined, 10 • Asset
safeguarding objectives, 11 • Data integrity objectives, 11 • System effectiveness
objectives, 12 • System efficiency objectives, 12
Effects of Computers on Internal Controls 13
Separation of duties, 13 • Delegation of authority and responsibility, 14 • Compe¬
tent and trustworthy personnel, 14 • System of authorizations, 14 • Adequate doc¬
uments and records, 15 • Physical control over assets and records, 15 • Adequate
management supervision, 16 • Independent checks on performance, 16 • Compar¬
ing recorded accountability with assets, 16
Effects of Computers on Auditing 16
Changes to evidence collection, 17 • Changes to evidence evaluation, 17
Foundations of Information Systems Auditing 18
Traditional auditing, 18 • Information systems management, 19 • Behavioral
science, 19 • Computer science, 20
Structure and Focus of this Book 20
CHAPTER 2 Conducting an Information Systems Audit 32
Introduction 34
The Nature of Controls 35
Dealing with Complexity 36
Subsystem factoring, 37 • Assessing subsystem reliability, 40
Audit Risks 43
Types of Audit Procedures 45
Overview of Steps in an Audit 47
Planning the audit, 47 • Tests of controls, 51 • Tests of transactions, 53 • Tests of
balances or overall results, 53 • Completion of the audit, 54
Auditing Around or Through the Computer 55
Auditing around the computer, 56 • Auditing through the computer, 57
¦ ix ¦
¦ X Contents
PART II: THE MANAGEMENT CONTROL FRAMEWORK 67
CHAPTER 3 Top Management Controls 69
Introduction 71
Evaluating the Planning Function 72
Types of plans, 72 • Need for a contingency approach to planning, 73 • Role of a
steering committee, 75
Evaluating the Organizing Function 75
Resourcing the information systems function, 75 • Staffing the information
systems function, 76 • Centralization versus decentralization of the information
systems function, 78 • Internal organization of the information systems
function, 79 • Location of the information systems function, 83
Evaluating the Leading Function 84
Motivating information systems personnel, 84 • Matching leadership styles with in¬
formation systems personnel and their jobs, 85 • Effectively communicating with
information systems personnel, 86
Evaluating the Controlling Function 86
Overall control of the information systems function, 86 • Technology diffusion and
control of the information systems function, 88 • Control of information systems
activities, 89 • Control over the users of information systems services, 90
CHAPTER 4 Systems Development Management Controls 103
Introduction 105
Approaches to Auditing Systems Development 105
Normative Models of the Systems Development Process 107
Systems development life-cycle approach, 107 • Sociotechnical design approach,
109 • Political approach, 110 • Soft-systems approach, 112 • Prototyping
approach, 114 • Contingency approach, 115
Evaluating the Major Phases in the Systems Development Process 116
Problem/opportunity definition, 117 • Management of the change process,
118 • Entry and feasibility assessment, 119 • Analysis of the existing
system, 121 • Formulating strategic requirements, 122 • Organizational and job
design, 123 • Information processing systems design, 124 • Application
software acquisition and development, 130 • Hardware/system software
acquisition, 131 • Procedures development, 132 • Acceptance testing, 133 • Con¬
version, 135 Operation and maintenance, 137
Appendix 4.1 Techniques for Studying the Existing System: Structured
Analysis 149
Appendix 4.2 Techniques for Studying the Existing System: Object-Oriented
Analysis 152
Appendix 4.3 Entity-Relationship Modeling 154
Appendix 4.4 Normalization 155
CHAPTER 5 Programming Management Controls 157
Introduction 160
The Program Development Life Cycle 160
Planning, 161 • Control, 163 • Design, 166 • Coding, 168 • Testing, 171
• Operation and maintenance, 177
Organizing the Programming Team 178
Chief programmer teams, 178 • Adaptive teams, 180 • Controlled-decentralized
teams, 181
Contents xi ¦
Managing the System Programming Group 182
Control problems, 182 • Control measures, 183
Appendix 5.1 Techniques for Program Design: Functional
Decomposition 196
Appendix 5.2 Techniques for Program Design: Data Flow Design 198
Appendix 5.3 Techniques for Program Design: Data Structure Design 201
Appendix 5.4 Techniques for Program Design: Object-oriented Design 204
CHAPTER 6 Data Resource Management Controls 205
Introduction 207
Motivations Toward the DA and DBA Roles 207
Functions of the DA and DBA 209
Defining, creating, redefining, and retiring data, 211 • Making the database avail¬
able to users, 214 • Informing and servicing users, 215 • Maintaining database
integrity, 216 • Monitoring operations, 217
Some Organizational Issues 218
Placement of the DA and DBA roles, 218 • Effects of decentralization of the infor¬
mation systems function, 221
Data Repository Systems 222
Basic functions of a DRS, 223 • Some problems with DRSs, 224 • Audit aspects
of a DRS, 226
Control over the DA and DBA 228
Some exposures, 229 • Some remedial measures, 229
CHAPTER 7 Security Management Controls 242
Introduction 244
Conducting a Security Program 245
Preparation of a project plan, 247 • Identification of assets, 248 • Valuation of
assets, 249 • Threats identification, 250 • Threats likelihood assessment,
251 • Exposures analysis, 252 • Controls adjustment, 254 • Report preparation, 255
Major Security Threats and Remedial Measures 256
Fire damage, 257 • Water damage, 258 • Energy variations, 258 • Structural
damage, 259 • Pollution, 259 • Unauthorized intrusion, 260 • Viruses and
worms, 261 • Misuse of software, data, and services, 264 • Hacking, 266
Controls of Last Resort 266
Disaster recovery plan, 266 • Insurance, 271
Some Organizational Issues 272
CHAPTER 8 Operations Management Controls 288
Introduction 291
Computer Operations 292
Operations controls, 292 • Scheduling controls, 294 • Maintenance controls, 295
Network Operations 297
Wide area network controls, 297 • Local area network controls, 299
Data Preparation and Entry 301
Production Control 303
Input/output controls, 303 • Job scheduling controls, 304 • Management of ser¬
vice-level agreements, 305 • Transfer pricing/chargeout control, 306 • Acquisition
of consumables, 307
¦ xii Contents
File Library 308
Storage of storage media, 308 • Use of storage media, 309 • Maintenance and dis¬
posal of storage media, 310 • Location of storage media, 312
Documentation and Program Library 312
Help Desk/Technical Support 314
Capacity Planning and Performance Monitoring 316
Management of Outsourced Operations 317
Financial viability of the outsourcing vendor, 317 • Compliance with the outsourc¬
ing contract s terms and conditions, 318 * Reliability of outsourcing vendor s con¬
trols, 318 • Outsourcing disaster recovery controls, 319
CHAPTER 9 Quality Assurance Management Controls 332
Introduction 334
Motivations Toward the QA Role 335
QA Functions 336
Developing quality goals, 337 • Developing, promulgating, and maintaining stan¬
dards for the information systems function, 340 • Monitoring compliance with QA
standards, 343 • Identifying areas for improvement, 345 • Reporting to manage¬
ment, 347 • Training in QA standards and procedures, 348
Organizational Considerations 350
Placement of the QA function, 350 • Staffing the QA function, 351
Relationship Between Quality Assurance and Auditing 351
PART III: THE APPLICATION CONTROL FRAMEWORK 365
CHAPTER 10 Boundary Controls 367
Introduction 370
Cryptographic Controls 371
Nature of cryptography, 371 • Cryptographic techniques, 371 • Choosing a cipher
system, 373 • Public-key cryptosystems, 375 • Key management, 375
Access Controls 378
Functions of an access control mechanism, 379 • Access control policies, 383 •
Implementing an access control mechanism, 388
Personal Identification Numbers 391
PIN generation, 382 • PIN issuance and delivery, 383 • PIN validation, 395 •
PIN transmission, 396 • PIN processing, 397 • PIN storage, 397 • PIN
change, 397 • PIN replacement, 398 • PIN termination, 398
Digital Signatures 398
Public-key approaches, 399 • Arbitrated schemes, 401 • Some exposures, 401
Plastic Cards 402
Application for a card, 402 • Preparation of the card, 402 • Issue of the card,
403 • Use of the card, 403 • Card return/destruction, 403
Audit Trail Controls 404
Accounting audit trail, 404 • Operations audit trail, 405
Existence Controls 405
CHAPTER 11 Input Controls 417
Introduction 420
Data Input Methods 421
Contents xiii ¦
Source Document Design 423
Data-entry Screen Design 426
Screen organization, 426 • Caption design, 427 • Data-entry field design,
428 • Tabbing and skipping, 429 • Color, 430 • Response time, 430 * Display
rate, 430 • Prompting and help facilities, 431
Data Code Controls 432
Data coding errors, 433 * Types of coding systems, 434
Check Digits 436
Nature of check digits, 436 • Calculating check digits, 436 • Efficiency of check
digit methods, 437 • When to use check digits, 438
Batch Controls 439
Types of batches, 439 • Means of batch control, 439 • Design of batches, 442
Validation of Data Input 442
Types of data input validation checks, 443 * Reporting data input errors, 446
Instruction Input 446
Menu-driven languages, 446 • Question-answer dialogs, 448 • Command lan¬
guages, 449 • Forms-based languages, 450 • Natural languages, 450 • Direct
manipulation interface, 452
Validation of Instruction Input 453
Types of instruction input validation checks, 453 • Reporting instruction input
errors, 454
Audit Trail Controls 454
Accounting audit trail, 455 • Operations audit trail, 456
Existence Controls 456
CHAPTER 12 Communication Controls 469
Introduction 473
Communication Subsystem Exposures 474
Transmission impairments, 474 • Component failure, 475 • Subversive threats,
475
Physical Component Controls 477
Transmission media, 477 • Communication lines, 479 • Modems, 479 • Port-
protection devices, 481 • Multiplexors and concentrators, 482
Line Error Controls 483
Error detection, 483 • Error correction, 484
Flow Controls 485
Link Controls 487
Topological Controls 487
Local area network topologies, 487 • Wide area network topologies, 491
Channel Access Controls 492
Polling methods, 492 • Contention methods, 493
Controls over Subversive Threats 494
Link encryption, 494 • End-to-end encryption, 495 • Stream ciphers, 496 • Error
propagation codes, 498 • Message authentication codes, 498 • Message sequence
numbers, 498 • Request-response mechanisms. 499
Internetworking Controls 499
Communication Architectures and Controls 500
¦ XIV Contents
Audit Trail Controls 502
Accounting audit trail, 502 • Operations audit trail, 502
Existence Controls 503
CHAPTER 13 Processing Controls 516
Introduction 519
Processor Controls 520
Error detection and correction, 520 • Multiple execution states, 521 • Timing
controls, 522 • Component replication, 523
Real Memory Controls 524
Error detection and correction, 524 • Access controls, 525
Virtual Memory Controls 527
Operating System Integrity 531
Nature of a reliable operating system, 531 • Operating system integrity threats,
532 * Operating system integrity flaws, 533 • Reference monitors and kernels,
534 • Design and implementation considerations, 535 • Certification of operating
systems, 536
Application Software Controls 537
Validation checks, 537 • Some matters of programming style, 538
Audit Trail Controls 541
Accounting audit trail, 541 • Operations audit trail, 542
Existence Controls 545
Nature of checkpoint/restart controls, 545 • Functions and architectures of check¬
point/restart facilities, 546 • Audit of checkpoint/restart facilities, 547
CHAPTER 14 Database Controls 559
Introduction 563
Access Controls 564
Discretionary access controls, 565 • Mandatory access controls, 568 • Some
implementation issues, 569
Integrity Controls 569
Entity-relationship model integrity constraints, 570 • Relational data model
integrity constraints, 571 • Object data model integrity constraints, 571
Application Software Controls 572
Update protocols, 572 • Report protocols, 574
Concurrency Controls 575
Nature of the shared data resource problem, 575 • The problem of deadlock,
576 • Solutions to deadlock, 577 • Preventing deadlock, 578 • Distributed data¬
base concurrency controls, 579
Cryptographic Controls 580
File Handling Controls 581
Audit Trail Controls 582
Accounting audit trail, 582 • Operations audit trail, 585
Existence Controls 585
Grandfather, father, son strategy, 586 • Dual recording/mirroring strategy,
587 • Dumping, 588 • Logging, 590 • Residual dumping, 595 • Differential
files/shadow paging, 597
Contents XV ¦
CHAPTER 15 Output Controls 612
Introduction 615
Inference Controls 616
Conceptual foundations, 617 • Restriction controls, 619 • Perturbation controls,
624
Batch Output Production and Distribution Controls 625
Stationery supplies storage controls, 625 • Report program execution controls,
627 • Queuing/spooling/printer file controls, 628 • Printing controls,
628 • Report collection controls, 630 • User/client services review controls,
631 • Report distribution controls, 631 • User output controls, 632 • Storage
controls, 633 • Retention controls, 633 • Destruction controls, 634
Batch Report Design Controls 634
Online Output Production and Distribution Controls 635
Source controls, 637 • Distribution controls, 641 * Communication controls,
641 • Receipt controls, 642 • Review controls, 642 • Disposition controls,
643 • Retention controls, 643 • Deletion controls, 644
Audit Trail Controls 644
Accounting audit trail, 644 • Operations audit trail, 645
Existence Controls 646
PART IV: SV bgNcE COLLECTION 659
CHAPTER 16 Audit Software 661
Introduction 665
Generalized Audit Software 665
Motivations for generalized audit software development, 665 • Functional capabili¬
ties of generalized audit software, 666 • Audit tasks that can be accomplished using
generalized audit software, 670 • Functional limitations of generalized audit soft¬
ware, 673 • Accessing data with generalized audit software, 674 • Managing a
generalized audit software application, 676
Industry-specific Audit Software 679
High-level Languages 681
Utility Software 682
Utility software to facilitate assessing security and integrity, 683 * Utility software to
facilitate system understanding, 684 • Utility software to facilitate assessing data
quality, 685 • Utility software to facilitate assessing program quality, 685 • Utility
software to facilitate program development, 686 • Utility software to facilitate
assessing operational efficiency, 687
Expert Systems 687
Motivations for using expert systems, 688 • Components of an expert system,
688 • Types of audit expert systems, 690
Neural Network Software 690
Specialized Audit Software 692
Reasons for developing specialized audit software, 692 • Development and imple¬
mentation of specialized audit software, 693
Other Audit Software 694
Control of Audit Software 694
¦ xvi Contents
CHAPTER 17 Code Review, Test Data, and Code Comparison 708
Introduction 712
Where Do Program Defects Occur? 713
Program Source-code Review 714
Objectives of code review, 714 • Source-code review methodology, 715 • Benefits
and costs of code review, 721
Test Data 721
Nature of reliable test data, 722 • Approaches to designing test data,
722 • Black-box test-data design methods, 723 • White-box test-data design meth¬
ods, 727 • Creating test data, 734 • Automated aids to support design, creation,
and use of test data, 735 • Benefits and costs of test data, 736
Program Code Comparison 737
Types of code comparison, 737 • Using code comparison, 737 * Benefits and costs
of code comparison, 738
CHAPTER 18 Concurrent Auditing Techniques 751
Introduction 754
Basic Nature of Concurrent Auditing Techniques 754
Need for Concurrent Auditing Techniques 755
Disappearing paper-based audit trail, 755 * Continuous monitoring required by ad¬
vanced systems, 755 • Increasing difficulty of performing transaction walkthroughs,
757 • Presence of entropy in systems, 757 • Problems posed by outsourced and
distributed information systems, 758 • Problems posed by interorganizational
information systems, 758
Types of Concurrent Auditing Techniques 758
Integrated test facility, 759 • Snapshot/extended record, 762 • System control audit
review file, 764 • Continuous and intermittent simulation, 768
Implementing Concurrent Auditing Techniques 769
Perform a feasibility study, 769 • Seek the support of groups affected by concurrent
auditing, 770 • Ensure that the relevant expertise is available, 770 • Ensure
the commitment of stakeholders, 771 • Make the necessary technical decisions,
771 * Plan the design and implementation, 771 • Implement and test,
772 • Postaudit the results, 772
Strengths/Limitations of Concurrent Auditing Techniques 772
CHAPTER 19 Interviews, Questionnaires, and Control Flowcharts 786
Introduction 789
Interviews 789
Some conceptual issues, 790 • Preparing for the interview, 791 • Conducting the
interview, 793 • Analyzing the interview, 794
Questionnaires 794
Design of questionnaires, 795 • Reliability and validity issues, 799 • Effective use
of questionnaires, 801
Control Flowcharts 802
Types of control flowcharts, 802 • Constructing a control flowchart,
806 • Strengths and limitations of control flowcharts, 809
CHAPTER 20 Performance Measurement Tools 820
Introduction 822
The Objects of Measurement 823
Contents XVii ¦
General Characteristics of Performance Measurement Tools 824
Types of Performance Measurement Tools 826
Hardware monitors, 827 • Software monitors, 829 • Firmware monitors,
833 • Hybrid monitors, 833
Presenting Performance Measurement Results 834
Gantt charts, 835 • Kiviat graphs, 836
Performance Measurement and Data Integrity 838
Ensuring correct system instrumentation, 838 • Ensuring maintenance of data
privacy, 838
PARTV: EVIDENCE EVALUATION 849
CHAPTER 21 Evaluating Asset Safeguarding and Data Integrity 851
Introduction 854
Measures of Asset Safeguarding and Data Integrity 854
Nature of the Global Evaluation Decision 856
Determinants of Judgment Performance 858
Auditor s ability, 858 • Auditor s knowledge, 859 • Audit environment,
860 • Auditor s motivation, 862
Audit Technology to Assist the Evaluation Decision 862
Control matrices, 862 • Deterministic models, 863 • Software reliability models,
864 • Engineering reliability models, 866 • Bayesian models, 869 • Simulation
models, 871 • Expert systems, 873
Cost-effectiveness Considerations 874
Costs and benefits of controls, 874 • A controls matrix view of the cost-effectiveness
of controls, 875 • Controls as an investment decision, 876
CHAPTER 22 Evaluating System Effectiveness 888
Introduction 891
Overview of the Effectiveness Evaluation Process 892
A Model of Information System Effectiveness 893
Evaluating System Quality 895
Evaluating Information Quality 897
Evaluating Perceived Usefulness 898
Evaluating Perceived Ease of Use 898
Evaluating Computer Self-efficacy 899
Evaluating Information System Use 899
Voluntary versus involuntary use, 900 • Amount and frequency of use,
900 • Nature of use, 901 • Source of use, 902
Evaluating Individual Impact 902
Task accomplishment impacts, 903 • Quality of working life impacts,
904
Evaluating Information System Satisfaction 907
Evaluating Organizational Impact 908
Organizational effectiveness, 908 • Economic effectiveness, 910
¦ xviii Contents
CHAPTER 23 Evaluating System Efficiency 926
Introduction 929
The Evaluation Process 929
Performance Indices 932
Timeliness indices, 932 • Throughput indices, 933 • Utilization indices,
934 • Reliability indices, 934
Workload Models 934
Purposes of workload models, 934 • Desired properties of workload models,
935 • Types of workload models, 936 • Workload characterization, 938 • Some
examples of workload models, 938
System Models 942
Analytical models, 942 • Simulation models, 946 • Empirical models, 951
Combining Workload and System Models 954
PART VI: INFORMATION SYSTEMS AUDIT MANAGEMENT 965
CHAPTER 24 Managing the Information Systems Audit Function 967
Introduction 971
Planning Function 971
Long-run planning, 972 • Short-run planning, 973
Organizing Function 975
Need for an audit charter, 975 • Staff versus line function, 975 • Centralization
versus decentralization, 978 • Resourcing the information systems audit function,
978
Staffing Function 979
Sourcing and recruitment of information systems audit staff, 979 • Appraisal and
development of information systems audit staff, 980 • Career paths for information
systems audit staff, 980
Leading Function 981
Leadership objectives, 981 • Leadership processes, 982
Controlling Function 983
Toward Information Systems Audit Professionalism 984
Professional associations, 984 • Common body of knowledge, 985 • Competency
standards, 985 • Competency examination, 987 • Code of ethics, 988 • Discipli¬
nary mechanism, 988
Some Futures of Information Systems Auditing 989
Internet, 989 • Electronic commerce, 991 • Business process reengineering,
993 • Outsourcing, 994 • Data privacy, 995 • Data mining and knowledge
discovery, 998 • Interorganizational systems and virtual organizations, 999
|
| any_adam_object | 1 |
| author | Weber, Ron |
| author_facet | Weber, Ron |
| author_role | aut |
| author_sort | Weber, Ron |
| author_variant | r w rw |
| building | Verbundindex |
| bvnumber | BV023693203 |
| ctrlnum | (OCoLC)833411923 (DE-599)BVBBV023693203 |
| dewey-full | 658.4038 |
| dewey-hundreds | 600 - Technology (Applied sciences) |
| dewey-ones | 658 - General management |
| dewey-raw | 658.4038 |
| dewey-search | 658.4038 |
| dewey-sort | 3658.4038 |
| dewey-tens | 650 - Management and auxiliary services |
| discipline | Wirtschaftswissenschaften |
| edition | repr. with corr. |
| format | Book |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01593nam a2200409zc 4500</leader><controlfield tag="001">BV023693203</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20120404 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">000926s1999 xxuad|| |||| 00||| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0139478701</subfield><subfield code="c">DM 116.95</subfield><subfield code="9">0-13-947870-1</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)833411923</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV023693203</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="044" ind1=" " ind2=" "><subfield code="a">xxu</subfield><subfield code="c">US</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-522</subfield><subfield code="a">DE-634</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">658.4038</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Weber, Ron</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Information systems control and audit</subfield><subfield code="c">Ron Weber</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">repr. with corr.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Upper Saddle River, N.J. [u.a.]</subfield><subfield code="b">Prentice-Hall</subfield><subfield code="c">1999</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XXIV, 1013, 14 S.</subfield><subfield code="b">Ill., graph. Darst.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Unternehmen</subfield><subfield code="0">(DE-588)4061963-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Informationsmanagement</subfield><subfield code="0">(DE-588)4114012-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Internes Kontrollsystem</subfield><subfield code="0">(DE-588)4125994-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Innenrevision</subfield><subfield code="0">(DE-588)4072820-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Unternehmen</subfield><subfield code="0">(DE-588)4061963-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Informationsmanagement</subfield><subfield code="0">(DE-588)4114012-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="2"><subfield code="a">Innenrevision</subfield><subfield code="0">(DE-588)4072820-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="3"><subfield code="a">Internes Kontrollsystem</subfield><subfield code="0">(DE-588)4125994-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">HBZ Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017193767&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-017193767</subfield></datafield></record></collection> |
| id | DE-604.BV023693203 |
| illustrated | Illustrated |
| indexdate | 2024-07-09T21:32:39Z |
| institution | BVB |
| isbn | 0139478701 |
| language | English |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-017193767 |
| oclc_num | 833411923 |
| open_access_boolean | |
| owner | DE-522 DE-634 |
| owner_facet | DE-522 DE-634 |
| physical | XXIV, 1013, 14 S. Ill., graph. Darst. |
| publishDate | 1999 |
| publishDateSearch | 1999 |
| publishDateSort | 1999 |
| publisher | Prentice-Hall |
| record_format | marc |
| spelling | Weber, Ron Verfasser aut Information systems control and audit Ron Weber repr. with corr. Upper Saddle River, N.J. [u.a.] Prentice-Hall 1999 XXIV, 1013, 14 S. Ill., graph. Darst. txt rdacontent n rdamedia nc rdacarrier Unternehmen (DE-588)4061963-1 gnd rswk-swf Informationsmanagement (DE-588)4114012-6 gnd rswk-swf Internes Kontrollsystem (DE-588)4125994-4 gnd rswk-swf Innenrevision (DE-588)4072820-1 gnd rswk-swf Unternehmen (DE-588)4061963-1 s Informationsmanagement (DE-588)4114012-6 s Innenrevision (DE-588)4072820-1 s Internes Kontrollsystem (DE-588)4125994-4 s DE-604 HBZ Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017193767&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
| spellingShingle | Weber, Ron Information systems control and audit Unternehmen (DE-588)4061963-1 gnd Informationsmanagement (DE-588)4114012-6 gnd Internes Kontrollsystem (DE-588)4125994-4 gnd Innenrevision (DE-588)4072820-1 gnd |
| subject_GND | (DE-588)4061963-1 (DE-588)4114012-6 (DE-588)4125994-4 (DE-588)4072820-1 |
| title | Information systems control and audit |
| title_auth | Information systems control and audit |
| title_exact_search | Information systems control and audit |
| title_full | Information systems control and audit Ron Weber |
| title_fullStr | Information systems control and audit Ron Weber |
| title_full_unstemmed | Information systems control and audit Ron Weber |
| title_short | Information systems control and audit |
| title_sort | information systems control and audit |
| topic | Unternehmen (DE-588)4061963-1 gnd Informationsmanagement (DE-588)4114012-6 gnd Internes Kontrollsystem (DE-588)4125994-4 gnd Innenrevision (DE-588)4072820-1 gnd |
| topic_facet | Unternehmen Informationsmanagement Internes Kontrollsystem Innenrevision |
| url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017193767&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
| work_keys_str_mv | AT weberron informationsystemscontrolandaudit |