Angel R. Otero, Ph.D., CPA, CISA, CITP, CICA, CRISC is assistant professor of accounting and program chair for accounting and finance online programs at the College of Business, Florida Institute of Technology (Florida Tech or FIT), Melbourne, FL. Dr. Otero has a B.S. in accounting from Pennsylvania State University, a M.S. in software engineering from Florida Tech, and a Ph.D. in information systems from Nova Southeastern University. He also holds active memberships at the American Institute of Certified Public Accountants (AICPA), ISACA (formerly the Information Systems Audit and Control Association), and the Institute for Internal Controls (IIC) professional organizations.

Dr. Otero has over 20 years of industry experience in the areas of public accounting/auditing, information systems auditing, internal control audits, and information technology consulting. Clients served involve the industries of banking/finance, insurance, government, manufacturing, retail, and wholesale, among others. Before joining FIT, Dr. Otero worked at Deloitte & Touche, LLP for 10 plus years and attained the position of senior manager overseeing offices in the state of Florida and Puerto Rico.

Dr. Otero's research interests involve (1) information systems/technology auditing; (2) accounting information systems; (3) financial audits and internal controls; and (4) information security audits and risk assessments. He has published in multiple peer-reviewed journals and conference proceedings.

Part 1. Foundation for IT Audit: 1. Information Technology Environment and IT Audit. 2. Legislation Relevant to Information Technology. 3. The IT Audit Process. 4. Tools and Techniques Used in Auditing IT. Part 2; Planning and Organization: 5. IT Governance and Strategy. 6. Risk Management. 7. Project Management. 8. System Development Life Cycle. Part 3. Auditing Environment: 9. Application Systems: Risks and Controls. 10. Change Control Management. 11. Information Systems Operations. 12. Information Security. 13. Systems Acquisition, Service Management, and Outsourcing. Part 4. Appendixes: 1. IT Planning Memo. 2. Understanding the IT Environment. 3. Sample IT Audit Programs for General Control IT Areas. 4. ACL Best Practice Procedures for Testing Accounting Journal Entries. 5. IT Risk Assessment Example Using NIST SP 800-30. 6. Sample Change Control Management Policy. 7. Sample Information Systems Operations Policy. 8. Auditing End-User Computing Groups. 9. Recommended Control Areas for Auditing Software Acquisitions. 10. Glossary.