Nelson Higher Education

Higher Education

Information Technology Auditing, 4th Edition

  • James A. Hall
  • ISBN-10: 1133949886
  • ISBN-13: 9781133949886
  • 656 Pages | Paperback
  • Previous Editions: 2011, 2005, 2000
  • COPYRIGHT: 2016 Published
Request a Copy for Review


About the Product

Introduce your students to state-of-the-art audit issues as you provide valuable insights into auditing in a modern computer-based environment with Hall's acclaimed INFORMATION TECHNOLOGY AUDITING, 4E. The book focuses on key information technology aspects of auditing, including coverage of transaction processing, Sarbanes-Oxley implications, audit risk, and the COSO control framework. Students review general and application control issues, the latest in fraud techniques and detection, today's IT outsourcing issues and concerns, and modern enterprise system risks and controls.


  • The Risk Analysis Approach In This Book Helps You Emphasize This Approach In Your Course. This text provides the tools to teach a risk-based approach to the identification of key threats. Students learn to develop appropriate audit tests and procedures in the following areas: Operating Systems (mainframes and PCs), Data Management, Systems Development, Electronic Commerce (including networks, EDI and Internet risks), Organizational Structure, Computer Center, and Computer Applications (Revenue and Expenditure cycle).

  • Today's Most Common Computer-Aided Audit Tools and Techniques (CAATTS) are highlighted. The book introduces popular computer-aided audit tools and techniques using clearly written presentations and graphical illustrations that form an easy-to-understand model for learning.

  • Book Focuses on Computer Control Issues and Their Impact on Operational Efficiency. The auditor's attest responsibility, computer control issues, and operational efficiency are all central themes in this edition. Numerous cases and problems reinforce the learning objectives related to these topics.

About the Author

James A. Hall

James A. Hall is a Professor of Accounting, co-director of the Computer Science and Business program, and the Peter E. Bennett Chair in Business and Economics at Lehigh University in Bethlehem, PA. After his discharge from the U.S. Army, he entered the University of Tulsa in 1970 and received a B.S.B.A. in 1974 and an M.B.A. in 1976. He earned his Ph.D. from Oklahoma State University in 1979. Dr. Hall has worked in the field of systems analysis and computer auditing and has served as consultant in these areas to numerous organizations. Dr. Hall has published articles in the Journal of Accounting, Auditing & Finance, Journal of MIS, Communications of the ACM, Journal Of Management Systems, Management Accounting, Journal Of Computer Information Systems, The Journal Of Accounting Education, The Review Of Accounting Information Systems, and other professional journals. He is also the author of ACCOUNTING INFORMATION SYSTEMS and INFORMATION TECHNOLOGY AUDITING, both published by Cengage. His research interests include internal controls, computer fraud and IT outsourcing.

Table of Contents

1. Auditing, Assurance, and Internal Control.
2. IT Governance.
3. System Security I--Networks and Operating Systems.
4. System Security II--Data Management.
5. Systems Development and Program Change Procedures.
6. Overview of Transaction Processing and financial Reporting Systems.
7. Computer-Assisted Audit Tools and Techniques.
8. CAATTs for Data Extraction and Analysis.
9. Application Controls and Substantive Testing I--The Revenue Cycle.
10. Application Controls and Substantive Testing II--The Expenditure Cycle.
11. Enterprise Resource Planning Systems.
12. Ethics, Fraud Schemes and Fraud Detection.

New to this edition

  • Significantly Revised End-of-Chapter Material Reflects New Chapter Content. Virtually all multiple-choice questions and most of the problems are new or revised. Corresponding solutions in the Solutions Manual accurately reflect the problem requirements. In particular, all internal control and fraud case solutions are consistent and accurately reflect the cases in the text. All case solution flowcharts are numerically coded and cross-referenced to the text. This classroom-tested approach facilitates the effective presentation of internal control and fraud case materials.
  • Updated Overview and Initial Five Chapters Present The Latest General Control and Audit Issues. An Updated Chapter 1, "Auditing, Assurance, and Internal Control," overviews IT audit issues and auditor responsibilities that follow Sarbanes-Oxley (SOX) legislation, the COSO internal control model, and SAS 109. Revised Chapters 2, 3, 4, and 5 present general control and audit issues in accordance with SOX and COSO frameworks.
  • Extensively Revised Chapter Provides Working Understanding of Data Modeling Techniques. Today's accountant must be equipped to access invoices stored on normalized database tables, which requires understanding relational database structures. Chapter 8 now addresses this growing need for modern auditors to understand data modeling techniques. The chapter presents key characteristics of the relational database model, including data modeling, deriving relational tables from entity relationship (ER) diagrams, the creation of user views, and data normalization techniques.
  • Expanded Material Details Auditor Responsibilities and Fraud Techniques. An updated Chapter 12, "Ethics, Fraud Schemes and Fraud Detection," introduces how auditors detect fraud. Expanded coverage addresses a wide range of contemporary fraud techniques.


All supplements have been updated in coordination with the Main title.
Please see Main title page for new to this edition information.

Instructor Supplements

Instructor's Companion Website  (ISBN-10: 1285439880 | ISBN-13: 9781285439884)

Save time with the important resources you need, instantly accessible on the Web, with the helpful Instructor's Companion website. You'll find the Solutions Manual, Test Bank in Microsoft® Word, and PowerPoint® slides, all passwords protected and ready for quick download as you need them.