finelybook
Cybersecurity Auditing: Principles, Practices, and Frameworks
Author(s): Jason Edwards (Author)
- Publisher Finelybook 出版社: Wiley
- Publication Date 出版日期: June 30, 2026
- Edition 版本: 1st
- Language 语言: English
- Print length 页数: 480 pages
- ISBN-10: 1394423047
- ISBN-13: 9781394423040
Book Description
Practical guide to cybersecurity controls, systems, programs, and management
This book is a comprehensive, field-tested guide to the full spectrum of cybersecurity auditing, enabling readers to assess, evaluate, and improve security controls across today’s complex IT environments. It covers cybersecurity operations, governance, and risk management, offering a practical auditing roadmap that spans internal systems, cloud infrastructure, application development, and vendor ecosystems.
From the fundamentals of audit planning to the nuanced challenges of assessing hybrid environments, each chapter is structured to deliver actionable insights, technical depth, and strategic relevance. Forward-looking chapters explore automation, continuous auditing, and AI integration, making the book a future-ready resource in an evolving cybersecurity landscape.
Cybersecurity Auditing discusses:
- Security standards and regulations (NIST CSF/800-53, ISO 27001, SOC 2, PCI, HIPAA), risk assessment, and control design for modern systems
- Identity and access management, network and perimeter security, application and API security/CI-CD (DevSecOps)
- Incident response, crises and vulnerability management, pen test oversight, and third party and supply-chain security
- Audit reporting, executive communication, annual audit planning, and capability development
Suitable as a primary reference, instructional text, or professional desk guide, Cybersecurity Auditing provides the structure and depth needed to effectively elevate cybersecurity audit engagements and improve organizational assurance.
Editorial Reviews
Editorial Reviews
From the Back Cover
Practical guide to cybersecurity controls, systems, programs, and management
This book is a comprehensive, field-tested guide to the full spectrum of cybersecurity auditing, enabling readers to assess, evaluate, and improve security controls across today’s complex IT environments. It covers cybersecurity operations, governance, and risk management, offering a practical auditing roadmap that spans internal systems, cloud infrastructure, application development, and vendor ecosystems.
From the fundamentals of audit planning to the nuanced challenges of assessing hybrid environments, each chapter is structured to deliver actionable insights, technical depth, and strategic relevance. Forward-looking chapters explore automation, continuous auditing, and AI integration, making the book a future-ready resource in an evolving cybersecurity landscape.
Cybersecurity Auditing discusses:
- Security standards and regulations (NIST CSF/800-53, ISO 27001, SOC 2, PCI, HIPAA), risk assessment, and control design for modern systems
- Identity and access management, network and perimeter security, application and API security/CI-CD (DevSecOps)
- Incident response, crises and vulnerability management, pen test oversight, and third party and supply-chain security
- Audit reporting, executive communication, annual audit planning, and capability development
Suitable as a primary reference, instructional text, or professional desk guide, Cybersecurity Auditing provides the structure and depth needed to effectively elevate cybersecurity audit engagements and improve organizational assurance.
About the Author
Jason Edwards, DM, CISSP,is an accomplished cybersecurity leader with extensive experience in the technology, finance, insurance, and energy sectors. Holding a Doctorate in Management, Information Systems, and Technology, Jason specializes in guiding large public and private companies through complex cybersecurity challenges.
