Our search has the following Google-type functionality:
If you use '+' at the start of a word, that word will be present in the search results.
eg. Harry +Potter
Search results will contain 'Potter'.
If you use '-' at the start of a word, that word will be absent in the search results.
eg. Harry -Potter
Search results will not contain 'Potter'.
If you use 'AND' between 2 words, then both those words will be present in the search results.
eg. Harry AND Potter
Search results will contain both 'Harry' and 'Potter'.
NOTE: AND will only work with single words not phrases.
If you use 'OR' between 2 single words, then either or both of those words will be present in the search results.
eg. 'Harry OR Potter'
Search results will contain just 'Harry', or just 'Potter', or both 'Harry' and 'Potter'.
NOTE: OR will only work with single words not phrases.
If you use 'NOT' before a word, that word will be absent in the search results. (This is the same as using the minus symbol).
eg. 'Harry NOT Potter'
Search results will not contain 'Potter'.
NOTE: NOT will only work with single words not phrases.
If you use double quotation marks around words, those words will be present in that order.
eg. "Harry Potter"
Search results will contain 'Harry Potter', but not 'Potter Harry'.
NOTE: "" cannot be combined with AND, OR & NOT searches.
If you use '*' in a word, it performs a wildcard search, as it signifies any number of characters. (Searches cannot start with a wildcard).
Search results will contain words starting with 'Pot' and ending in 'er', such as 'Potter'.
Steve Katzman is a retired master sergeant who spent four years in accounting and finance and the rest of his 21-plus-year Air Force career in information technology (IT) and data communication. He has over 35 years of computer and technology experience and 14 years in auditing (internal and external). Mr. Katzman earned a BS degree in management information systems with a focus on business from Central Connecticut State University. He maintained several professional certifications, including CIA, CISA, CRMA, CRISC, and CISSP. During his military career, he held a top-secret security clearance.
When I first received this book for review, I was a bit nervous. I am not an auditor, and have never been one. It is true that I have participated in hundreds of audits across different industries and disciplines, as both a customer and much more frequently, as an advisor, but I never had to put my name to the bottom of an attestation (except, I suppose, for a few PCI self-assessment questionnaires). In short, I was concerned that I would not be able to properly grasp it, and thus fail to do it justice. By the time I was done, I found myself with the same concern, but this time, coming from a completely different angle. Because Steve's book is truly a delight. I have worked with hundreds of auditors, and only a couple of them have ever shown the scope and breadth of experience, the desire to go beyond following rote process, and the sheer interest in staying true to the purpose of an audit - any audit - that Mr. Katzman exhibits in his book. Steve's personal stories shine through, and really help in framing the conversation. The little quips he embeds throughout his writing made me chuckle repeatedly, certainly not what I expected from a book about what is ultimately a rather dry subject matter. The planning chapter alone is worth the price of entry, as first and foremost it does such a great job at reminding all of us why audits exist in the first place. For me, this work provided a great insight into the mind of an auditor, in a way that I never quite grasped before. That is undoubtedly going to help me in future audits. Considering the way Steve seamlessly transitions between the client and auditor viewpoints, if you are an auditor (the stated target audience for this book), then I cannot imagine how it would fail to help in a mirrored fashion. I find it fitting to end this review by borrowing Steve's own ending words from the book: Stay well, stay happy, and stay productive . -- Barak Engel, CISO and author, Why CISOs Fail - The Missing Link in Security Management and How to Fix It