[ISN] REVIEW: "Auditing Information Systems", Mario Piattini

From: InfoSec News (isnat_private)
Date: Sat Jan 11 2003 - 00:36:42 PST

Next message: InfoSec News: "[ISN] Secure Passwordless Logins with SSH Part 3"

Previous message: InfoSec News: "RE: [ISN] Osama's Plot to Blow-up the Internet on January 11th"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private>

BKAUINSY.RVW   20020825

"Auditing Information Systems", Mario Piattini, 2000, 1-878-28975-6,
U$139.95
%E   Mario Piattini
%C   1331 E. Chocolate Ave., Hershey, PA   17033-1117
%D   2000
%G   1-878-28975-6
%I   IRM Press/Idea Group
%O   U$139.95 717-533-8845 fax: 717-533-8661 cust@idea-group.com
%O  http://www.amazon.com/exec/obidos/ASIN/1878289756/robsladesinterne
%P   246 p.
%T   "Auditing Information Systems"

Chapter one is a general overview of auditing, with few details. 
COBiT is not being used as intended by the majority of purchasers, we
are told in chapter two.  There is a rather random discussion of some
security (and some network) concepts in chapter three, which changes
format rather abruptly towards the end.  Chapter four notes that
software maintenance has dangers and a structured process would help. 
It also suggests a COBiT style list of objectives.  All kinds of
things it would be nice to have in the perfect data warehouse are
described in chapter five.  Chapter six looks at a few legal issues
with respect to information.  The theme of chapter seven seems to be
that databases should do what they are supposed to.  (I suppose Gene
Spafford could sympathize: his definition of a secure computer is one
that does what it is supposed to.)  Chapter eight attempts to recreate
ISO 9000 as a COBiT table.  Task analysis by another name (audit
function points) is described in chapter nine.

Even though the name of COBiT is repeatedly invoked in this book it is
really hard to say what it has to do with auditing.

copyright Robert M. Slade, 2002   BKAUINSY.RVW   20020825

-- 
======================
rsladeat_private  rsladeat_private  sladeat_private p1at_private
Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
    February 10, 2003   February 14, 2003   St. Louis, MO
    March 31, 2003      April 4, 2003       Indianapolis, IN



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Secure Passwordless Logins with SSH Part 3"
Previous message: InfoSec News: "RE: [ISN] Osama's Plot to Blow-up the Internet on January 11th"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Jan 11 2003 - 02:54:50 PST