This book discusses, in a single volume, a variety of technical, operational and security-related issues relevant to the implementation of the IT systems for easy accessibility by the readers. It addresses many of the key concepts and implementation/assessment issues necessary for in-depth understanding and audits of the IT systems.
This book approaches the security and internal control issues in the IT systems environment by analyzing the brick and mortar skeletons of the system implementations from the very lowest layer and then progressing to the operations and other higher level implementation features and hence the discussions are tangible in the hands of the readers.
This book addresses the security and internal control issues in the perspectives of the standalone computer systems and the network environments in separate phases for more focused discussions of the different security and implementation requirements.
This book presents an extensive coverage of the data communication and network issues in recognition of the massive communication requirements, including the e-commerce system applications, and the serious vulnerability exposures in this area in modern business organizations.
This book presents a new paradigm for categorization of the control objectives in the IT systems environment for both the general operational and financial control perspectives for the effective coverage of the vulnerability exposures in these two areas. These discussions are particularly useful in the implementation of the regulatory requirements such as the Sarbanes-Oxley Act in the US and for compliance with GAAP in the IT systems environment.
Key Highlight Areas in This Book;
The practical operations and security implementation features of the real-life computer systems including the IBM and HP computer systems. The coverage of the object-oriented systems and concepts relative to the traditional structured approaches to the systems development. The extensive coverage of the RDBMS from data modeling and SQL implementations to the transaction processing concepts and security/audit issues. The extensive coverage of the internal control issues in both the manual and IT systems environments. The coverage of the Sarbanes-Oxley Act requirements in the IT systems environment. The in-depth coverage of the communications, cryptography and e-commerce issues. The security implementation and audits in the open networks environment. 
