- Explores the components of e-commerce (including EDI).
- Shows the risks involved when using an e-commerce system.
- Provides controls for protecting an e-commerce site (e.g., securing financial transactions and confidential transactions).
- Provides COSO compliant audit approach.
- Provides risk/control tables and checklists.
- Technical topics are discussed in simple user-friendly language.
FREE Two-Day Shipping for Students. Learn more |
Book Description
Special Offers and Product Promotions
- Buy $50 in qualifying physical textbooks, get $5 in Amazon MP3 Credit. Here's how (restrictions apply)
Editorial Reviews
Review
If you are employed anywhere near the sharp end of e-commerce, this is a book you should defiantly read. -- Supply Management, 18 March 2004
"For ensuring that file servers and other elements of the e-commerce infrastructure are protected, this book is an excellent choice" (Security Management, July 2004)
"For ensuring that file servers and other elements of the e-commerce infrastructure are protected, this book is an excellent choice" (Security Management, July 2004)
“If you are employed anywhere near the sharp end of e-commerce, this is a book you should defiantly read.” (Supply Management, 18 March 2004)
"For ensuring that file servers and other elements of the e-commerce infrastructure are protected, this book is an excellent choice" -- Security Management, July 2004
From the Inside Flap
Once scoffed at during the dot.com years, the formerly staid, old, "bricks and mortar" companies have now fully recognized and implemented the value of the Internet. Their new online infrastructure allows them to reach customers in new ways, open new markets, and reap new rewards. "Brick and mortar" is now "brick and click," with e-tailing and e-commerce standard operating procedures for global business. But for all its new benefits, e-commerce also unleashes a host of new risks and issues on the business world. While hackers, data theft, espionage, and cyberterrorism threaten a company’s e-business infrastructure from without, online payment and information systems present auditing challenges from within.
Control and Security of E-Commerce provides expert guidance on how to protect and monitor electronic commerce. Using nontechnical, user-friendly language, this book lays out the components and risks of an e-commerce system. It also details security solutions and auditing techniques for an e-commerce environment. Topics covered include:
- Legal issues related to e-commerce
- Information security
- Symmetric and asymmetric cryptosystems
- Digital signatures and other authentication techniques
- Protection against viruses, Denial of Service attacks, back doors, and Trojan programs
- Securing UNIX and Windows server environments
- Auditing an e-commerce application
It is the job of the auditor to ensure that strong controls are built into electronic applications, and to mitigate the inherent risks involved. Control and Security of E-Commerce offers a structured approach for accomplishing these essential goals. Tools include controls for securing financial and other confidential transactions, a COSO-compliant audit approach, and risk/control tables and checklists. These tools, along with the clearly organized presentation of the material, will maximize the efficiency and effectiveness of audits and security reviews.
As business reliance on e-commerce increases, so does the intricacy of the problems confronting e-business professionals. Internal and external auditors, information security professionals, network administrators, controllers, and CFOs will all appreciate the practical, results-oriented approach of Control and Security of E-Commerce, as both they and their companies benefit from this timely, useful resource.
Product Details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, read author blogs, and more.
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most Helpful Customer Reviews
18 of 18 people found the following review helpful:
5.0 out of 5 stars
An Invaluable E-Commerce Audit Guide,
By A Customer
This review is from: E-Commerce: A Control and Security Guide (Hardcover)
While many approach the subject of e-commerce control and security from a purely pedagogical, 'those who can't do, teach' perspective, Gordon Smith draws upon his considerable experience in the trenches to pen this logical step-by-step, risk-based approach to the subject. Moreover, the book is written in an easy, conversational style that is easily comprehended by even neophyte auditors, and its packed with audit work programs and checklists that permit practitioners to roll up their sleeves and get down to work immediately. One feature of this book I found particularly enlightening was Mr. Smith's sensible inclusion of supporting operating system and data base-related risks and controls as they relate to the overall e-commerce control environement. Too often these extremely important controls are deleted from scope or not considered at all in favor of engagement cost and time constraints. Experience proves that a partially secured environement is no better than one that is totally unsecured. Having contracted and worked with Mr. Smith and his CanAudit associates in the past, and having personally witnessed his team breaking into systems heretofore considered inpenetrable, I place a great deal of credence in his opinions on the subject of system security, e-commerce-related or otherwise. This book is a must read for anyone interested in the subject of e-commerce security and an invaluable reference tool for the professional IT Auditing practitioner.
3 of 3 people found the following review helpful:
4.0 out of 5 stars
Very good book on security controls,
This review is from: E-Commerce: A Control and Security Guide (Hardcover)
Checklists, though mundane, are a key component of many jobs. They help ensure that key issues aren't overlooked, and they serve as guideposts for anyone auditing the work. This book provides technology managers with a very good preparatory set of details and checklists for their e-commerce infrastructure. The book can also show a corporate auditor what to look for to ensure that appropriate controls are in place. Throughout its 6 chapters and 225 pages, the book offers a detailed, progressive, and structured approach for performing such audits. The book addresses technology-related issues but doesn't require the auditor to be expert in them. Among topics discussed are physical security, authentication, and passwords; checklists ensure that these features are deployed or configured correctly. For ensuring that file servers and other elements of the e-commerce infrastructure are protected, this book is an excellent choice.
Share your thoughts with other customers: Create your own review
|
|
Tag this product(What's this?)Think of a tag as a keyword or label you consider is strongly related to this product.
Tags will help all customers organize and find favorite items. |
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
Customer Discussions
|
This product's forum
Active discussions in related forums
Search Customer Discussions
|
Related forums
|
Listmania!
So You'd Like to...
Look for Similar Items by Category
- Books > Business & Investing > Industries & Professions > E-commerce
- Books > Business & Investing > Popular Economics
- Books > Computers & Technology > Business & Culture > Manager's Guides to Computing
- Books > Computers & Technology > Business & Culture > Privacy
- Books > Computers & Technology > Certification > CompTIA
- Books > Computers & Technology > Networking > Network Security
- Books > Computers & Technology > Security & Encryption
- Books > Computers & Technology > Software
- Books > New & Used Textbooks > Business & Finance
- Books > New & Used Textbooks > Computer Science
- Books > Professional & Technical > Accounting & Finance > Accounting
