Information Systems Assurance: The purpose of this book is to help understand how information systems affect risks, what controls should be ... to management, customers and auditors. - Couverture souple

David C. Chan is a highly experienced audit professional who has practiced information technology (IT) auditing and IT security in public accounting, banking and the public sector. He has many years of IT audit and security management experience in Price Waterhouse, Bank of Montreal, Office of the Provincial Auditor of Ontario, Hydro One and Ontario Ministry of Government Services. David has taught IT auditing in universities. In addition to his degree of Master of Science in Computer Science, David has earned the following professional designations: · Certified Public Accountant · Chartered Accountant · Certified Information Systems Auditor · Certified Information Security Manager · Certified Information Systems Security Professional · Certified Internal Auditor · Certified Fraud Examiner · Project Management Professional David has been active in professional research with Canadian Institute of Chartered Accountants (CICA), the Institute of Chartered Accountants of Ontario (ICAO) as well as the Information Systems Audit and Control Association (ISACA). He has served on the CICA IT Advisory Committee, the ICAO Course Content Committee and the ISACA Test Enhancement Committee. David has published in CA Magazine and Information Systems Control Journal on the topics of audit scheduling and encryption. David has also taught the preparatory courses for the ICAO Core Knowledge Examination and the Certified Information Systems Auditor Examination.

The purpose of this book is to help understand how information systems affect risks, what controls should be implemented to mitigate risks and how controls can be tested and assessed to provide assurance to management, customers and auditors. This book discusses assurance from the perspectives of management and auditors. Many chapters of this book provide guidelines to auditors in identifying and testing internal controls. This book is a comprehensive guide to preparing for the Certified Information Systems Auditor examination.