IT Compliance and Controls offers a structured architectural approach, a 'blueprint in effect,' for new and seasoned executives and business professionals alike to understand the world of compliance?from the perspective of what the problems are, where they come from, and how to position your company to deal with them today and into the future.
FREE Two-Day Shipping for Students. Learn more |
Book Description
Special Offers and Product Promotions
- Buy $50 in qualifying physical textbooks, get $5 in Amazon MP3 Credit. Here's how (restrictions apply)
Frequently Bought Together
Editorial Reviews
From the Inside Flap
IT Compliance and Controls Best Practices for Implementation
A considerable degree of attention has been placed on organizations to improve and disclose the state of Information Technology (IT) internal controls within the United States as a result of several regulations, most prominently, the Sarbanes-Oxley Act of 2002, Section 404. Whether the result of a newly induced government mandate, a recent court ruling, industry trade groups, or from concerned stakeholders in the organization, these regulations have the ability to disrupt business. But no matter what the source, organizations are being strongly encouraged to have IT internal controls and to disclose these to the requesting parties. Dispensing invaluable insight into the complex world of interweaving government and industry mandates from around the world, IT Compliance and Controls provides a road map to effectively answer the question, "How much is enough?"
Providing CIOs, CTOs, IT auditors, audit managers, and IT managers with an in-depth analysis of the leading influencers, the regulations, and the available frameworks and guidance documents, IT Compliance and Controls begins with a discussion of the challenges enterprises face in adopting internal controls—including how to sell an IT control framework to upper management andhow to identify the appropriate controls for the organization—and offers tips and techniques to manage these controls. The book also presents the most important and effective controls being relied upon in the United States and abroad, and validated by auditor tests.
Author James DeLuccia takes a practical approach to evaluating the organization's IT internal control needs and merges these with the regulated mandates as he develops a plan for achieving a balance of business and assurance. The book includes a thorough breakdown of a core set of principles, showing readers how to implement these best practices successfully within their own organizations. It concludes with a discussion of the future of IT internal controls, the challenges that lay ahead, and the technology being employed to enhance the quality and contribution of these control environments.
Written to enlighten those with senior responsibilities on the impact of the technological relationships being established around the world, IT Compliance and Controls provides readers with an in-depth understanding of the business drivers as well as a guided approach to presenting and communicating IT control needs to those at the executive level and board of directors.
From the Back Cover
Praise for IT Compliance and Controls
"James DeLuccia outlines a comprehensive, integrated strategy for achieving regulatory and legislative compliance. This approach is vastly superior, both in scalability and in sustainability, to the siloed compliance strategies that are often seen."
—Dr. Richard Reiner, founder, Assurent Secure Technologies
"Deluccia's book is a great primer and must-read for executives who deal with risk on a day-to-day basis. It masterfully combines the tactical nuts and bolts with the breadth of strategy that all executives must understand in dealing with mitigating risk within the walls of Information Technology in today's global economy. This book offers a structured architectural approach, a 'blueprint in effect,' for new and seasoned executives and business professionals alike to understand the world of compliance — from the perspective of what the problems are, where they come from, and how to position your company to deal with them today and into the future."
—Salil J. Kulkarni, Chief Operating and Information Officer, IVOX Corporation, and former Chief Information Officer, John H. Harland Company
Throughout IT Compliance and Controls, managers and directors charged with supporting environments will discover a refined list of business best practice controls that are explicitly written to ensure they meet the regulations in today's environment, including:
The opportunities and challenges of operating in a global environment
How technology enables the world market
Importance of IT controls
Reality and risks to IT controls being effective
Enterprise risk analysis
Access and authorization
Building a system of IT compliance and controls
This meticulously detailed reference includes materials supported by matrices that map controls to specific regulations and checklists, helping you assess the controls in your own organization.
Reach the highest levels of control and ROI with the best practices found in IT Compliance and Controls.
Product Details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, read author blogs, and more.
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most Helpful Customer Reviews
4 of 5 people found the following review helpful:
5.0 out of 5 stars
IT Compliance and Controls,
By
This review is from: IT Compliance and Controls: Best Practices for Implementation (Hardcover)
This book is a must have for business professionals who are looking to develop awareness and deeper insight into IT controls and regulatory compliance. DeLuccia does an excellent job describing the compliance and regulatory environment that so many public and private companies face today in their industries. The information is presented in a way that readers can easily grasp and understand and the author also shares several solutions using his practical experience on how to effectively manage these compliance issues day in and day out. DeLuccia has a very solid understanding of the business risks associated with each IT related government and industry mandate and he uses a risk based approach to help organizations identify and prioritize initiatives to help streamline remediation efforts by aligning requirements and developing an enterprise IT control framework to manage the process. This book is a wealth of information for directors, managers and C-level executives who are interested in learning more about IT compliance and controls, or anyone who is wanting to develop strategies and techniques for solving the compliance issues.
Share your thoughts with other customers: Create your own review
|
|
Front Cover | Front Flap | Table of Contents | First Pages | Index | Back Flap | Back Cover | Surprise Me!
Inside This Book
(learn more)
Key Phrases - Statistically Improbable Phrases (SIPs):
(learn more)
control objectives, technology strategy orchestration, enterprise risk analysis, budget measures, interconnected universe, matrix principle, electronic security perimeter, logical access, incident response capability, continuous auditing, trusted computing platform, accounting history, trust services, financial statement audit, safe harbor privacy principles, risk awareness, operations resiliency, technology control environment, directional alignment, artificial resources, control mandates Key Phrases - Capitalized Phrases (CAPs): (learn more)
United States, Information Security, Federal Information System Controls Audit Manual, Information Technology-Security, Maturity Models, Management Guidelines, Internal Control, Basic Framework, Integrated Framework, Governance Institute, New York, Privacy of Financial Information, Culture of Security, Department of Commerce, Combined Code, Information Technology Controls, The Netherlands, Institute of Internal Auditors, Service Management, John Wiley, The State of Affairs, Network Security-Part, Strong Economy Act, Risk-Based Controls, Regulated Environment Browse Sample Pages:
Front Cover | Front Flap | Table of Contents | First Pages | Index | Back Flap | Back Cover | Surprise Me!
control objectives, technology strategy orchestration, enterprise risk analysis, budget measures, interconnected universe, matrix principle, electronic security perimeter, logical access, incident response capability, continuous auditing, trusted computing platform, accounting history, trust services, financial statement audit, safe harbor privacy principles, risk awareness, operations resiliency, technology control environment, directional alignment, artificial resources, control mandates Key Phrases - Capitalized Phrases (CAPs): (learn more)
United States, Information Security, Federal Information System Controls Audit Manual, Information Technology-Security, Maturity Models, Management Guidelines, Internal Control, Basic Framework, Integrated Framework, Governance Institute, New York, Privacy of Financial Information, Culture of Security, Department of Commerce, Combined Code, Information Technology Controls, The Netherlands, Institute of Internal Auditors, Service Management, John Wiley, The State of Affairs, Network Security-Part, Strong Economy Act, Risk-Based Controls, Regulated Environment Browse Sample Pages:
Front Cover | Front Flap | Table of Contents | First Pages | Index | Back Flap | Back Cover | Surprise Me!
What Other Items Do Customers Buy After Viewing This Item?
Tags Customers Associate with This Product(What's this?)Click on a tag to find related items, discussions, and people.
|
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
Customer Discussions
|
This product's forum
Active discussions in related forums
Search Customer Discussions
|
Related forums
|
Listmania!
|
|
