The book presents the concepts of information and communications technology (ICT) audit and control from this model. Readers will learn how to create a verifiable audit-based control structure, which will ensure comprehensive security for systems and data. The book explains how to establish systematic control and reporting procedures within a standard organizational framework, and build auditable trust into the security of ICT operations. This book is based around the belief that security is a strategic governance issue rather than an accounting or a technical concern. Besides presenting the concepts of that approach, the book provide exercises and other learning opportunities.