This book is designed for those who need to gain a working knowledge of the risks and control opportunities within an IT environment, and the auditing of that environment. The emphasis of this book is on both the principles and techniques as well as the practical implementation through the use of realistic case studies.