Volume 3, 2011
Journal
Columns
3
Information Security Matters:
Who Pays for Security?
Steven J. Ross, CISA, CISSP, MBCP
6
IT Audit Basics: Understanding and
Applying Benford’s Law
Tommie W. Singleton, Ph.D., CISA, CGEIT,
CITP, CPA
10
Five Questions With...
Francisco Garcia Moran
Features
17
Questions That Must Be Addressed for a
Successful IFRS Implementation
William C. Brown, CISA, CPA, and
Byron J. Pike, CPA
25
Automated Audit Testing for SAP Data—
Benefit or Just Another Black Box?
Stefan Wenig and Kyung-Hee Anita
Kim-Reinartz
31
The Assimilation of Marketing’s Service
Quality Principles and the IT Auditing
Process: A Move Toward Quantifiable
SAS 70 Auditing Service Quality, Part 1
Thomas J. Bell III, Ph.D., CISA, PMP, and
Thomas Smith, Ph.D.
36
General Auditing for IT Auditors
Danny M. Goldberg, CISA, CGEIT, CIA, CPA
40
Math on Malware
Henk-Jan van der Molen
Plus
The ISACA ® Journal
seeks to enhance
the proficiency and
competitive advantage
of its international
readership by providing
managerial and
technical guidance from
experienced global
authors. The Journal’s
noncommercial,
peer-reviewed articles
focus on topics critical to
professionals involved
in IT audit, governance,
security and assurance.
Want more of the practical, peer-reviewed articles you have come to expect from the Journal Additional online-only articles will be available on the
first business day of each month in which no Journal is released, i.e., February, April, June, August, October and December. These articles
will be available exclusively to ISACA® members during their first year of release. Use your unique member login credentials to access them at
www.isaca.org/journalonline.
Online Features
The following articles will be available to ISACA members online on 1 June 2011.
An Introduction to Incident Preparedness
and Operational Continuity Management
Based on ISO/PAS 22399:2007
Haris Hamidovic, CIA, ISMS IA, ITIL-F,
IT Project+,
Book Review: Fraud Auditing and
Forensic Accounting, 4th Edition
Reviewed by Horst Karin, Ph.D., CISA,
CISSP, ITIL
Journal Online
Journal authors are
now blogging at
www.isaca.org/journal/blog.
Visit the ISACA Journal
Author Blog to gain more
insight from colleagues and
to participate in the growing
ISACA community.
Read more from these
Journa l authors…
Top IT Governance Issues of 2011
Larry Marks, CISA, CGEIT, CRISC, CFE,
CISSP, PMP
Follow ISACA on Twitter: http://twitter.com/isacanews
Join ISACA’s LinkedIn group: ISACA (Official), http://www.linkedin.com/groups/ISACA-Official-3839870
3701 Algonquin Road, Suite 1010
Rolling Meadows, Illinois 60008 USA
Telephone + 1.847.253.1545
Fax + 1.847.253.1443
www.isaca.org