
Premium
Title Page
1/1/2025
Copyright Page
1/1/2025
Dedication Page
1/1/2025
About the Author
1/1/2025
About the Reviewers
1/1/2025
Acknowledgement
1/1/2025
Preface
1/1/2025
Table of Contents
1/1/2025
1. IT Audit and Assurance Standards Statements
1/1/2025
Introduction
1/1/2025
Structure
1/1/2025
Objectives
1/1/2025
Key concepts
1/1/2025
Components of IT management
1/1/2025
Core standards for IT audits
1/1/2025
Audit standards
1/1/2025
Assurance statements
1/1/2025
Importance of assurance statements in IT audits
1/1/2025
Regulatory compliance requirements
1/1/2025
Conclusion
1/1/2025
2. IT Audit Defined, Charter and Criteria
1/1/2025
Defining an audit charter
1/1/2025
Sample IT audit charter
1/1/2025
Benefits of getting audited
1/1/2025
Audits and governance
1/1/2025
Governance defined by COBIT in the audit process
1/1/2025
Benefits of audits and governance in ITIL
1/1/2025
Benefits of audits and governance in ISO 20000
1/1/2025
3. Planning, Scheduling, Reporting and Follow-ups for Audit
1/1/2025
Audit plan
1/1/2025
Auditee responsibilities
1/1/2025
Review of policy and gathering evidence
1/1/2025
4. Types of Audits
1/1/2025
Types of internal audits
1/1/2025
Benefits of internal audit
1/1/2025
Developing an internal audit schedule
1/1/2025
Types of external audits
1/1/2025
Audit preparation
1/1/2025
Key types of external IT audits
1/1/2025
External audit approach
1/1/2025
5. IT Policies, Processes and SOPs
1/1/2025
IT policy and processes
1/1/2025
Key requirements for IT processes
1/1/2025
IT procedures
1/1/2025
Standard operating procedures
1/1/2025
Roles and responsibilities
1/1/2025
Service strategy roles
1/1/2025
Service design roles
1/1/2025
Service transition roles
1/1/2025
Service operation roles
1/1/2025
Continual service improvement roles
1/1/2025
RACI matrix
1/1/2025
Eliminating conflict of interest
1/1/2025
Consequences of conflict of interest
1/1/2025
Best practices for eliminating conflict of interest
1/1/2025
Controls to mitigate conflict of interest
1/1/2025
6. Risk Management and Impact Analysis
1/1/2025
Risk management
1/1/2025
NIST definition
1/1/2025
Risk management methodology
1/1/2025
Risk identification and categorization
1/1/2025
Risk register
1/1/2025
Classification of organizational risks
1/1/2025
Sources of risk
1/1/2025
Best practices
1/1/2025
Risk impact analysis
1/1/2025
Risk mitigation processes
1/1/2025
7. Procurement, Asset, Capacity, and Cloud Service Management
1/1/2025
IT asset procurement process
1/1/2025
Procurement process
1/1/2025
Benefits of the procurement process
1/1/2025
Vendor management process
1/1/2025
IT procurement process
1/1/2025
Asset management process
1/1/2025
Software asset management
1/1/2025
Benefits of the asset management process
1/1/2025
Capacity management process
1/1/2025
Capacity management lifecycle
1/1/2025
Benefits of capacity management
1/1/2025
Cloud service management process
1/1/2025
Characteristics of cloud computing
1/1/2025
Categories of cloud-based services
1/1/2025
Cloud service governance
1/1/2025
Risk assessment
1/1/2025
Connectors to cloud-based applications
1/1/2025
Technology risk management
1/1/2025
Benefits of cloud services
1/1/2025
8. Access Management and Acceptable Usage Policy
1/1/2025
Identity and access management
1/1/2025
IAM definitions in industry standards
1/1/2025
Physical access management
1/1/2025
Importance of identity and access management
1/1/2025
User and domain management process
1/1/2025
Domain access management
1/1/2025
Acceptable usage policy
1/1/2025
9. Network, Server, Storage and Endpoint Management
1/1/2025
Network management
1/1/2025
Internet links
1/1/2025
Firewalls
1/1/2025
Challenges of firewall management
1/1/2025
Switches
1/1/2025
Effective network management
1/1/2025
Network segregation
1/1/2025
Challenges
1/1/2025
Server management
1/1/2025
Server administration
1/1/2025
Storage management
1/1/2025
Endpoint management
1/1/2025
Infrastructure management
1/1/2025
10. Business Continuity and Disaster Recovery Planning
1/1/2025
Business impact analysis
1/1/2025
Business continuity management framework
1/1/2025
Acceptable downtime
1/1/2025
Foundation of BCP
1/1/2025
Disaster recovery framework
1/1/2025
Network redundancy
1/1/2025
Business continuity and disaster recovery drills
1/1/2025
Comparison of BCP and DRP
1/1/2025
11. Organization Context and IT Services
1/1/2025
Business and IT operation context
1/1/2025
IT strategy, service and support
1/1/2025
Service relationships
1/1/2025
Regulatory requirement
1/1/2025
Responsibility in application management
1/1/2025
12. Logging and Monitoring Services
1/1/2025
Significance of logging and monitoring
1/1/2025
Objectives of logging and monitoring
1/1/2025
Logging services
1/1/2025
Log management
1/1/2025
Log management tools
1/1/2025
Monitoring services
1/1/2025
Types of monitoring
1/1/2025
Infrastructure monitoring
1/1/2025
Merits of monitoring
1/1/2025
Monitoring metrics
1/1/2025
Guidelines for effective monitoring
1/1/2025
Significance of monitoring tools
1/1/2025
Logging and monitoring in ITSM
1/1/2025
13. KPIs and Status Reports
1/1/2025
IT service SLAs
1/1/2025
Importance
1/1/2025
Key components
1/1/2025
SLAs in ITSM
1/1/2025
Governance and definition of KPIs
1/1/2025
KPIs as per ITSM standards
1/1/2025
ITSM status reports
1/1/2025
Best practices for effective reporting and KPI tracking
1/1/2025
14. BCP Drills, Plans and Reports
1/1/2025
BCP drills
1/1/2025
Drill metrics
1/1/2025
Reasons for conducting BCP drills
1/1/2025
Risks associated with ensuring continuous operations
1/1/2025
How BCP drills help
1/1/2025
Core components
1/1/2025
BCP standard
1/1/2025
Types of BCP drills
1/1/2025
Types of DRP drills
1/1/2025
BCP drill metrics
1/1/2025
Use of BCP drill metrics
1/1/2025
Learnings from drills
1/1/2025
Learning cycle
1/1/2025
15. Configuration and Change Management
1/1/2025
Configuration management process
1/1/2025
Configuration management
1/1/2025
Asset management
1/1/2025
Benefits of effective configuration management
1/1/2025
Change management process
1/1/2025
Configurable items and CMDB
1/1/2025
Configuration management database
1/1/2025
Problem management process
1/1/2025
Problem management database and known error database
1/1/2025
16. IT Audit Frameworks ISO 20000 and ITIL
1/1/2025
ISO 20000 and ITIL standards
1/1/2025
IT audit framework based on ISO 20000
1/1/2025
ISO 20000 audit framework
1/1/2025
Structure of the ISO 20000 audit framework
1/1/2025
Service management system
1/1/2025
ISO 20000 audit checklist
1/1/2025
IT audit framework based on ITIL
1/1/2025
Focus areas in ITIL compliance assessment
1/1/2025
17. Organizations, People, Data and Technology Processes
1/1/2025
Processes, the integrated framework
1/1/2025
Strategic and operational processes
1/1/2025
Integration of strategic and operational processes
1/1/2025
Governance and compliance processes
1/1/2025
Compliance in ITSM
1/1/2025
Governance and compliance
1/1/2025
People processes
1/1/2025
Innovation
1/1/2025
Data life cycle
1/1/2025
Continuous improvement
1/1/2025
Continuous improvements
1/1/2025
18. Partners, Value Streams and Processes
1/1/2025
Supplier and partner management process
1/1/2025
Supplier evaluation and selection in ITSM
1/1/2025
Supplier due diligence
1/1/2025
Third-party risk management
1/1/2025
Role of IT in delivering value
1/1/2025
IT process life cycle
1/1/2025
IT process lifecycle as per ITIL
1/1/2025