Page no:93
BM E1 – Information System Audit and Governance Objective : To learn IS audit methods, controls, IS strategies through case studies. Prerequisites: IT fundamentals , Computer operations , Network concepts , and Internet concepts, Exposure to programming languages , Exposure to SSAD and Database concepts, Commercial Applications, Management Concepts and Practice Sr. No. 1 Nos. of Session 1 2 Reference Books 2,3 2,1,3
Chapter Details Auditing concepts ISA need, concept, standards, performance, steps , techniques , methodologies , around and through computer. Controls – Concept objectives, types, risk, exposure IT environment – hardware, system software, OS, DBMS, Infrastructure, network concepts, Personnel, documentation, review of performance, procurement, and other controls Network concepts, LAN, WAN, ClientServer architecture, Internet, EDI, email, encryption, digital signatures – review of performance, procurement and other controls. Software procurement and development –SDLC – Meaning and IS auditor’s roletraditional SSAD , OOM , prototyping , 4GL , project management , testing , implementation review. Is-operations -planning, organizing, scheduling, SCM, problem management , record management, QA and QC , review and controls Controls – Input , process , validation , output, logical access, physical access , database , network , environment , BCP Evidence collection, evaluation and reporting methodologies IS strategies and management – organization structure , long term and
2 3
2 3
2,3 2,4
5
2,3,4
4
4
2,1
5
3
2,3
6
8
2,4
7 8
2 2
2,5,1 2,4