Book Description

A university edition of the Corporate Fraud Handbook, this book has been created to provide the most authoritative treatment available on Fraud Accounting. Like no other book on fraud, this book explains fraud schemes used by employees, owners, managers, and executives to defraud their customers and illustrates each scheme with real-life case studies submitted to the ACFE by actual fraud examiners who aided in the case resolutions. It shows the reader how to spot the "red flags" of fraud, how to comply with recent regulations including Sarbanes-Oxley, and how to develop and implement effective preventative measures. ... Read more

Book Description

This Auditing practice set incorporates both the cycles and the risk approach using the audit risk model. Students will learn to design and prepare the current year's working papers and assemble the completed case. Taking about 30 hours to complete, this practice set can be used with any Auditing textbook. ... Read more

Book Description

The CIA Exam tests a candidates knowledge of current internal auditing practices and understanding of internal audit issues, risks, and remedies. This thorough review program covers everything readers need to know to be successful on all four parts of the Exam consisting of both theory and practice. ... Read more

Book Description

Dimitris N. Chorafas defines both auditing and internal control, and explains the value of internal control, why it must be audited, and how it can be most effectively achieved. He addresses top management's accountability for internal control and uses case studies to demonstrate the application of such systems, as well as the importance of sound analysis of the information gathered. Based on an extensive research project in the UK, US, and continental Europe, this book is an invaluable source of practical advice for implementing internal control systems and making existing systems more efficient. ... Read more

Book Description

The quality audit, from initial request through planning, implementation, evaluation, reporting and follow-up is thoroughly presented in this step-by-step guide. The author explores each stage of the audit process from the point of view of the auditor and the client requesting the audit--with an in-depth focus on the special interests and needs of the organization being audited. Manager or engineers of quality control and quality assurance, auditors, and those in need of an auditor will find a straightforward comparison of the major national and international Quality System Standards, as well as a ``hands on'' explanation of both internal and external audit objectives. Administrative and technological aspects of the audit process are analyzed, and various types of working papers, documentation, and sampling plans are reviewed. It thoroughly covers the collection and analysis of audit data, the creation of reports, taking corrective action, and utilizing techniques for improving the audit process itself. ... Read more

Reviews (1)

Dry Reading
Like most books about quality control and quality assurance, this one is a sleeper, too. What is even more interesting is that an author could write a 300-page book about this subject! Dry as it is - and that may be no fault of the author - the book has some valuable ideas about auditing. The chapters are short and well organized, making it easier to find a good "stop-for-the day point." I'd suggest putting on a pot of coffee and giving it a shot. ... Read more

Book Description

Written by auditors, each with a multitude of real-world experience, this is not a book that deals with theories and principles as they exist on library shelves. New to this edition is the expanded coverage on ethics, the correlation of auditing to business performance, and the expansion into areas not covered by the Certified Quality Auditor Body of Knowledge. This single resource is designed for auditors, audit managers, audit teams, and quality assurance professionals to use as the definitive resource for nearly every aspect of the auditing function. ... Read more

Reviews (1)

The great value of the implement in Quality Audit procedure.
The great value and contribution of the implement is a warning signal but isn't a part of Quality. Many vendors are too emphatic the implemeent to carry through Quality system now. ... Read more

Book Description

A clear, accessible guide to the roles and responsibilities of today’s internal auditor

At a time when companies are seeking to reevaluate their practices and add value to their audit processes, The Internal Auditor at Work represents an invaluable, user-friendly, and up-to-date guidebook for the internal auditing professional to refine and rethink both day-to-day methods and the underlying significance of the job.

Each chapter of this in-depth, functional analysis contains numerous resources to guide the reader toward greater understanding and performance. Discussion questions promote dialogue among auditing professionals on the various topics covered. Top ten considerations lists recap the important points of each chapter. And end-of-chapter exercises are especially valuable to new internal auditors in that they facilitate self-development and application of principles covered.

Written in partnership with the Institute of Internal Auditors with special attention to its revised standards and guidelines, The Internal Auditor at Work includes chapters on:

• The audit context
• The strategic dimension
• Quality and audit competence
• The audit process
• The audit proposition
• And more

In a business environment currently undergoing major reevaluation, The Internal Auditor at Work provides an invaluable tool for internal auditing professionals and all others with an interest in adding value to their organizational processes. ... Read more

Book Description

This casebook consists of 26 cases excerpted from the SEC Enforcement Division's releases for false and misleading financial statements, each containing valuable lessons to be learned about the possibility of financial statement fraud and how an auditor can go about finding such fraud. The real people, companies, and events of each case provide readers with an understanding of the practical applicability and real consequences of the book's discussions.A four-part organization examines professional responsibilities, internal control, specific accounts and areas, and cases covering multiple areas.For fraud examiners and those preparing for the CFE exam. ... Read more

Book Description

The tools, guidelines, and procedures that IS auditors need

Auditing Information Systems, Second Edition, explains clearly how to audit the controls and security over all types of information systems environments. The concepts and techniques in the book enable auditors, information security professionals, managers, and audit committee members of every knowledge and skill level to truly understand whether or not their computing systems are safe. The book provides a detailed examination of contemporary auditing issues such as:

• Information systems audit approach (physical, logical, environmental security)
• Security certifications such as SAS 70, TruSecure, SysTrust, and WebTrust
• Computer forensics
• E-Commerce and Internet security (including encryption and cryptography)
• Information privacy laws and regulations
• Information systems project management controls
• New technologies and future risks

Auditing Information Systems, Second Edition gives auditing professionals the tools they need to get their job done right. It is a must-have reference for any auditor’s library. ... Read more

Reviews (1)

Good introduction and overview of IS audit
This is a readable and current introduction to information systems auditing from a qualified and experienced IS auditor.

The book consists of three parts. Part One introduces core information systems concepts and is aimed at readers without much background in IS; Part Two introduces IS audit itself, and Part Three discusses some additional concepts and issues, such as control self-assessment and the human factor. Case studies are extensively used throughout the book to illustrate concepts, approaches and procedures discussed in the text.

While the author is writing from a US perspective and has US work experience, references to British, Canadian, and Australian standards, qualifications and practices are included. One of the good characteristics of this book is its readability and easy flow of information, unlike many other works in this field.

I haven't given this book five stars because in my opinion its coverage of "information systems" is somewhat limited compared with the coverage of "auditing". So if you are looking for a detailed technical volume on information systems auditing, look elsewhere; this book gives a well-rounded non-technical introduction to information systems auditing and does it well.

Edgar Danielyan, CISSP
Published author, editor and instructor
www.danielyan.com ... Read more

Book Description

This research was provided by generous donations from the Washington DC, Northern Virginia, and Baltimore chapters — the joint sponsors of The IIA's 2002 International Conference — and William L. Taylor, conference chairman.

A major crisis in corporate governance in the U.S. led to the passage of the Sarbanes-Oxley Act in July 2002.Astute boards and executive managers recognize that although the Act does create a short-term compliance burden, it is necessary to help restore investor confidence in the reliability of financial reports. They also realize that the public is more aware of governance practices and has higher expectations. To meet these expectations, they are investing in meaningful improvements in the governance process. This investment might also have long-term benefits such as improving risk management and, ultimately, enhancing shareholder value. This research study illustrates in detail how some leading companies are capitalizing upon this opportunity. Includes a CD that allows you to customize the content to your organization. ... Read more

Reviews (1)

Valuable tools
This book/CD ROM combination is a quick-start tool for internal auditors who need to drill down to the essentials and eliminate the time it takes to develop in-house aids for compliance.

The book is a mere 119 pages, of which approximately 110 are main content.It covers Section 301(audit committees), Section 302 (quarterly CEO and CFO certifications), and Section 404 (management assessment of internal controls).Each part of the book is brief and assumes familiarity with Sarbanes-Oxley.The value is in the essentials.For example, Section 301 material provides an audit committee charter issues matrix, which is typical of the tools that are provided in conjunction with discussions of other sections of the act.

On the accompanying CD ROM are equally valuable tools and documents, including the following in soft copy:
Section 301: Audit Committees Audit Committee Charter Issues Matrix, and Sample Audit Committee Charter

Section 302: COSO-based Risk Assessment Tool, COSO-based Disclosure Control Guide, Sample Disclosure Committee Charter, El Paso Internal Control Assessment Survey

Section 404: Control Model Project Plan, COSO Grid and Worksheets, ALLTEL Internal Control System Survey and Control and Risk Assessment Report

The above, combined with the highly focused (if somewhat terse) text of the book combine to make this set an invaluable addition to the internal auditor's toolbox. ... Read more

Book Description

Financial Reporting of Environmental Liabilities and Risks is a complete guide to developing the underlying business systems to successfully report environmental matters in audited financial statements and reports filed with the Securities Exchange Commission (SEC). It sets forth relevant reporting and internal control standards and discusses important issues affecting reporting entities, accountants, lawyers, and environmental professionals. ... Read more

Reviews (1)

Review of Handbook of Communication Audits for Organisations
Owen Hargie, Professor of Communication at the University of Ulster and Dennis Tourish, senior lecturer at University of Queensland, Australia, introduce the concept of communication audits in their handbook.This book is useful for employees involved in communications audits or those conducting audits for an organization.Their book examines methodologies for audits including a chapter each on questionnaires, interviews, focus groups, and log-sheets. The handbook provides practical help for auditors including a section on possible survey questions as well as attributes of a world-class communication system. A section of the book includes real-world examples where the authors have conducted similar communication audits to the ones they describe in the introduction.These case studies show how application can be made of the principles discussed in the handbook and include some valuable "lessons learned". This book includes some of the lastest thinking on communication audits in organizations.Only one drawback that may be noticable to an American audience - both authors are native to the "queen's English" and some of the wording may sound very British especially when trying to "translate" for a typical American organization. It's important to keep in mind that some wording may need to be slightly adjusted for the American business reader. ... Read more

Book Description

This unique book reaches beyond the abstract theory presented in most standard textbooks to portray the principles and practices of Auditing as they are actually applied in the workplace.The novella—which forms a single, on-going, fictional case study meant to supplement a text—traces the professional life of Jack Butler, graduate of Farwestern University and current CPAAs readers progress, they share with Jack, his clients, and colleagues various aspects of a typical career in public accounting—aspects students will most likely encounter during their own careers. ... Read more

Book Description

A necessity for auditors, audit managers, audit teams, and all quality professionals. The Quality Audits for Improved Performance, Third Edition, provides established techniques and serves as a guide to learning and applying the basic techniques of quality auditing. Author Dennis Arter continues to expand on the audit principles to show how the quality audit can improve business performance.

The new edition features:
* Expanded background and history of auditing
* A general model for auditing any management system
* Added information on process audits and the system-process-product relationship
* Auditor competencies and qualification
* Explanation of audit reports and the role of the auditor after the report
* New material on remedial and corrective action
* Example audit procedures and glossary of terms

Arter addresses both internal and supplier auditing as it relates to any quality management system, including ISO 9001, GMP, automotive, and others. He provides supportive examples and checklists throughout the book to help make this one of the best single-source reference guides. Quality practitioners and registrars will find this book to be a useful tool.

Contents:
* Brief History of Auditing
* What Is an Audit?
* General Model of Auditing
* Management Principles Audit Program Manager
* Phases of the Audit Process
* Audit Plan
* Reporting
* Remedial Action
* Corrective Action
* Close Out ... Read more

Reviews (2)

Especially recommended for small business owners
Now in an fully updated third edition, Quality Audits For Improved Performance by independent auditing consultant Dennis R. Arter is an informative and "user friendly" guide written especially for anyone responsible for implementing or performing an audit program. Individual chapters accessibly address the do's and don'ts of financial audits; the various different types of audits; straightforward guidelines to gathering facts; reporting figures; follow-up; an example procedure; and more. Quality Audits For Improved Performance is a truly first-rate manual and especially recommended for small business owners.

The single best resource for learning the audit skill.
This book is the single best resource for learning the internal quality auditing skill. It take a very pragmatic and simple approach to this subject, that is often presented as a mystical activity. Mr. Arter has stuck the basics here, emphasizing the importance of the relevance and significant of findings cited, and explaining how to present findings in a supportable manner. ... Read more

Book Description

The Essential Handbook of Internal Auditing is a condensed version of the second edition of the highly successful “Internal Auditing Handbook”. It shows the reader how to understand the audit context and how this context fits into the wider corporate agenda. The new context is set firmly within the corporate governance, risk management and internal control arena.

In addition to the author’s own views of the auditor’s role, the reader is provided with a range of professional standards and guidance that provides a valuable source of various key issues and developments.

K H Spencer Pickett has also developed many helpful models and checklists that provide a short cut to understanding the work and coverage of internal auditing.

  ... Read more

Book Description

Emphasizing the use of sampling in the audit of financial statements by external as well as internal auditors, this book presents technical sampling material within the context of the auditing risk model. ... Read more

Book Description

Praise for Control and Security of E-Commerce

"The essence of information security is all about people, processes, and controls. The heart of successful security is not pure technology. The key is a team of well-trained employees who are prepared to use technology as a tool to implement and manage effective IT controls. Gordon Smith’s important book is a quality follow-up to his first book dealing with a control assessment approach to network auditing. It is an outstanding presentation of what is important in implementing and managing IT controls. It simply belongs in the library of every IT manager, internal auditor, and security specialist."
–Dr. James B. Hansen
Vice President of Security Services
DynTek, Inc.

"Gordon Smith’s latest book leads the field again.Based upon understandable theory and loads of real-world audit experience, Control and Security of E-Commerce will help you identify, isolate, and inoculate your company from today’s ever-present e-commerce perils. Don’t just ‘trust’ that your security is OK–use this book to make sure!"
–Professor Michael Davis
Graziadio School of Business and Management
Pepperdine University

"Control and Security of E-Commerce is an invaluable book for practicing information systems professionals. Its unique informal and conversational style of writing is a pleasure to read. The war stories make the reading exciting for an area that is technical and often considered rather dry. The end-of-chapter guidelines for action are a treasure-trove of information. I highly recommend this book for anyone interested in e-commerce security."
–Dr. Jagdish S. Gangolly
Associate Professor and Director of the Graduate Accounting Programs
University at Albany, State University of New York ... Read more

Reviews (2)

Very good book on security controls
Checklists, though mundane, are a key component of many jobs. They help ensure that key issues aren't overlooked, and they serve as guideposts for anyone auditing the work. This book provides technology managers with a very good preparatory set of details and checklists for their e-commerce infrastructure. The book can also show a corporate auditor what to look for to ensure that appropriate controls are in place.

Throughout its 6 chapters and 225 pages, the book offers a detailed, progressive, and structured approach for performing such audits. The book addresses technology-related issues but doesn't require the auditor to be expert in them. Among topics discussed are physical security, authentication, and passwords; checklists ensure that these features are deployed or configured correctly.

For ensuring that file servers and other elements of the e-commerce infrastructure are protected, this book is an excellent choice.

An Invaluable E-Commerce Audit Guide
While many approach the subject of e-commerce control and security from a purely pedagogical, 'those who can't do, teach' perspective, Gordon Smith draws upon his considerable experience in the trenches to pen this logical step-by-step, risk-based approach to the subject. Moreover, the book is written in an easy, conversational style that is easily comprehended by even neophyte auditors, and its packed with audit work programs and checklists that permit practitioners to roll up their sleeves and get down to work immediately. One feature of this book I found particularly enlightening was Mr. Smith's sensible inclusion of supporting operating system and data base-related risks and controls as they relate to the overall e-commerce control environement. Too often these extremely important controls are deleted from scope or not considered at all in favor of engagement cost and time constraints. Experience proves that a partially secured environement is no better than one that is totally unsecured. Having contracted and worked with Mr. Smith and his CanAudit associates in the past, and having personally witnessed his team breaking into systems heretofore considered inpenetrable, I place a great deal of credence in his opinions on the subject of system security, e-commerce-related or otherwise. This book is a must read for anyone interested in the subject of e-commerce security and an invaluable reference tool for the professional IT Auditing practitioner. ... Read more