PART VII: Appendices and Reference Materials

In this section

• Chapter 32: Glossary of Key Information Systems and Controls Terms
  • IT and Security Acronyms
    A comprehensive alphabetical guide to commonly used IT and security acronyms, featuring clear definitions, practical examples, and references to key sections of the ISC Examination Supplemental Guide.
  • Expanded Definitions and Technical Jargon
    Explore key IT and IS control terms vital for CPA candidates, featuring plain-English explanations and references to earlier chapters for deeper knowledge.
• Chapter 33: Standards, Frameworks, and Regulation Summaries
  • COBIT, NIST, GDPR, PCI DSS Key Takeaways
    COBIT, NIST, GDPR, PCI DSS Key Takeaways. A thorough exploration of the essential frameworks and regulations that guide information systems governance, security, and compliance for CPAs practicing IT Audit, Risk Management, or Advisory. This comprehensive article covers high-level goals, practical compliance pointers, and real-world examples, equipping professionals to robustly evaluate organizational IT controls.
  • AICPA Professional Standards Related to IT Audits
    Explore how various AICPA professional standards shape the conduct of IT audits, from financial statement audits to attestation engagements, ensuring compliance, reliability, and integrity in technology-driven environments.
  • Additional Reading and Reference Resources
    Explore official guides, white papers, and academic journals to deepen your mastery of the ISC domain. This section provides curated references for frameworks, regulations, IT audit methodologies, cybersecurity, data management, SOC engagements, and more—enabling a robust, in-depth learning experience aligned with the CPA (AICPA®) ISC Blueprint.
• Chapter 34: Implementation Checklists and Templates
  • Sample IT Policies and Procedures
    Explore comprehensive sample IT policy templates, procedures, and best practices for effective governance and risk management. Adapt these tools to align with organizational context and regulatory standards.
  • Generic Change Management and Incident Response Templates
    Explore practical, step-by-step templates for managing IT changes and responding effectively to incidents. Learn how to structure requests, approvals, testing, and recovery strategies to enhance system integrity and minimize risks.
  • Outline of Roles and Responsibilities for IT Governance
    A comprehensive guide to key IT governance roles, from CIO and Steering Committee to Executive Management, ensuring strategic alignment and robust control frameworks.