INSTITUTE OF BUSINESS MANAGEMENT
COLLEGE OF COMPUTER SCIENCE & INFORMATION SYSTEM
COURSE OUTLINE
Course Code MIS303 Faculty
Course Title IS Audit & Management Room #
Credit Hours 3 Phone/Ext.
Pre-Requisite None E-Mail
Program BBA Semester 3
1. Course Description
The course provides fundamental concepts related to information systems audit and
management. It describes various types of audits, management assertions, audit
objectives, tests of controls and substantive tests. The course outlines the key points of the COSO and
COBIT frameworks, which define internal controls in both manual and IT environments. It
includes an in-depth review of computer center threats and controls, which include protecting the center from
natural disasters, fire, temperature, and humidity. Furthermore, this course provides hands-on
experience with ACL, which is well known in the audit world for fraud detection.
2. Student Learning Outcomes
On completion of this course, students should be able to:
Appreciate the intrinsic value of information systems in enabling businesses to achieve
their objectives
Understand IT Governance, Risk Management and Internal Control Frameworks
Know the difference between attest services and advisory services and be able to explain
the relationship between the two.
Understand internal control categories presented in the COSO framework
Be familiar with the key features of the Sarbanes-Oxley Act
Understand the key elements of a disaster recovery plan
Be able to identify the principal threats to operating systems, networks and databases.
TEXT BOOK:
1. James A. Hall, Information Technology Auditing, 4th Edition, 2013, ISBN: 978-1133949886
REFERENCE BOOKS:
1. CISA Review Manual 2013-2014
2. James O'Brien, Introduction to Information Systems, 13th Edition, ISBN: 978-0073043555
Course Outline
Week Topics to be Covered
1 Foundation of Information System
IS framework
Components of Information System
System, control, risk, threat, vulnerability, system security.
Types of IS, management support systems, operation support systems.
TPS, MIS, EIS, DSS, ERP, SCM, expert systems, AI, neural networks.
2,3 IT Audit Process
Introduction
Steps in IT audit
Preliminary Assessment and Information Gathering
Risk assessment to define audit objectives & scope
Evidence collection and evaluation
Documentation and Reporting
3,4 Auditing Operating Systems
Introduction to OS
Operating System Security
Threats to Operating System Integrity
Operating System Controls and Audit Tests
5 Auditing Networks
Introduction to Networks
Intranet Risks
6 MID-I
7,8 Auditing Networks
Internet Risks
Controlling Networks
Controlling Risks from Subversive Threats
Controlling Risks from Equipment Failure
9,10 Auditing Database Systems
Database Management Approach
Key Elements of Database Environment
DBMS Models
Databases in a Distributed Environment
Controlling and Auditing Data Management Systems
11 MID-II
Data Structures
12,13,14 Designing Relational Databases
MS ACCESS Labs
15 Final Exam
3. ASSESSMENT TOOLS & MARKS DISTRIBUTION:
Final Examination 40%
2 Hourly Exams 30%
Quizzes 10%
ACL and Access Labs 10%
Presentation & Viva 10%