Chapter 20: IT Auditing and Cybersecurity

In this section

• Advanced IT Environments (Cloud, Mobile, IoT)
  Explore how the rapid adoption of cloud computing, mobile devices, and IoT technology impacts IT auditing, cybersecurity, and control evaluation. Learn about the shared responsibility model, mobile security measures, and the unique risks posed by IoT environments.
• Data Analytics and Automated Tools in Audit
  Explore how CAATs, predictive analytics, and real-time dashboards enhance audit efficiency, accuracy, and insight, while learning best practices and regulatory guidance for data-driven auditing approaches.
• IT General Controls Testing and Documentation
  Gain comprehensive insights into IT General Controls Testing—from Access Management to Program Change Control and Backup & Recovery—to strengthen audit readiness and cybersecurity compliance.
• Cybersecurity Essentials for Auditors
  Explore key cybersecurity principles and practices crucial for auditors, including governance, threat detection, incident response, and risk management frameworks such as NIST CSF.
• Considerations for System and Organization Control (SOC) for Cybersecurity
  In-depth guide to SOC for Cybersecurity engagements—exploring key requirements, Description Criteria, Trust Services Criteria, and reporting considerations that help organizations communicate and validate their cybersecurity risk management program under AICPA guidance.
• IT Auditing Fundamentals
  Explore how technology shapes modern auditing, key IT control objectives, and the frameworks and best practices that auditors use to protect data integrity, confidentiality, and availability.