Control and Security of E-Commerce

Praise for Control and Security of E-Commerce

"The essence of information security is all about people, processes, and controls. The heart of successful security is not pure technology. The key is a team of well-trained employees who are prepared to use technology as a tool to implement and manage effective IT controls. Gordon Smith’s important book is a quality follow-up to his first book dealing with a control assessment approach to network auditing. It is an outstanding presentation of what is important in implementing and managing IT controls. It simply belongs in the library of every IT manager, internal auditor, and security specialist."
–Dr. James B. Hansen Vice President of Security Services DynTek, Inc.

"Gordon Smith’s latest book leads the field again. Based upon understandable theory and loads of real-world audit experience, Control and Security of E-Commerce will help you identify, isolate, and inoculate your company from today’s ever-present e-commerce perils. Don’t just ‘trust’ that your security is OK–use this book to make sure!"
–Professor Michael Davis Graziadio School of Business and Management Pepperdine University

"Control and Security of E-Commerce is an invaluable book for practicing information systems professionals. Its unique informal and conversational style of writing is a pleasure to read. The war stories make the reading exciting for an area that is technical and often considered rather dry. The end-of-chapter guidelines for action are a treasure-trove of information. I highly recommend this book for anyone interested in e-commerce security."
–Dr. Jagdish S. Gangolly Associate Professor and Director of the Graduate Accounting Programs University at Albany, State University of New York

• Explores the components of e-commerce (including EDI).
• Shows the risks involved when using an e-commerce system.
• Provides controls for protecting an e-commerce site (e.g., securing financial transactions and confidential transactions).
• Provides COSO compliant audit approach.
• Provides risk/control tables and checklists.
• Technical topics are discussed in simple user-friendly language.

Dr. Jagdish S. Gangolly

Control and Security of E-Commerce is an invaluable book for practicing information systems professionals. Its unique informal and conversational style of writing is a pleasure to read. The war stories make the reading exciting for an area that is technical and often considered rather dry. The end-of-chapter guidelines for action are a treasure-trove of information. I highly recommend this book for anyone interested in e-commerce security. (Associate Professor and Director of the Graduate Accounting Programs, University at Albany, State University of New York)

Gordon E. Smith is the President of Canaudit, Inc., an auditing seminar development and presentation firm. He has twenty-eight years of audit experience.

His areas of expertise include networks, information security, operating systems, and client/server environments. Smith is a regular speaker at conferences and seminars worldwide, and received the 2002 Wasserman Award for outstanding achievement in information audit and security.