It Auditing Outline

ACC 624 Information Technology canvasing Spring, 2013 go down Engira Office BENT H solely 364 Hours By appointment ONLY think Cell (917)597-9523 e-Mail Currently emailprotected edu or emailprotected com The Course This course provides an overview of controls relating to IT governance, databases and their bodily structures, networks, knob servers systems, IT service delivery, business continuity, disaster recovery, IS security, cryptography, firewalls, IDS, IPS, backups, recovery, and distributed systems. Text Required ISACA, CISA Review Manual- 2013, ISACA publication, work out CRM11- RequiredNote You can buy any edition of the aforementioned text. 2008,2009, 2010, and 2011 editions are all good, and are much cheaper from various sources CISA Q/A CD-ROM in face- 2011- Recommended non Required, Code CDB11 CISA Review Questions, Answers, and Explanations- 2011 Recommended not Required, Code CDB11W CISA Review Questions (Supplement) 2011 Recommended not Required, Code QAE11E S (Note If you buy CDB11, you dont have to buy CDB11W and QAE11ES) mark Mid-Term .. . 35% Term Paper .. .. .. 20% Final Exam .. .. 35% Class Participation .. .. 10% Please note With the exception of authenticated medical emergencies, there will be no make-ups for any test. to a greater extent than three (3) non-excused absences are considered as an automatic withdrawal from the course. (Please let me know, IN ADVANCE, if you cannot attend a class because of a legitimate emergency). Note advocator Point Slides and Class Handouts will be available on professors disk (STJs S Drive). There is no arrive at campus access to this drive, therefore, you should copy these files into a diskette for your own use at home.Professor may also decide to use other electronic delegacy to send the handouts to the students. Ranges for Grades A = 93. 1 to 100 A- = 90. 1 to 93. 0 B+ = 87. 1 to 90. 0 B = 84. 1 to 87. 0 B- = 80. 1 to 84. 0 C+ = 77. 1 to 80. 0 C = 74. 1 to 77. 0 C- = 70. 1 to 74. 0 D+ = 67. 1 to 70. 0 (Undergrads only) D = 64. 1 to 67. 0 (Undergrads only) D- = 60. 1 to 64. 0 (Undergrads only) F = below 60. 0 WEEKLY mannequin SCHEDULES Note There is a strong possibility that sequence of reportage of chapters might change. Week CHAPTER DESCRIPTION 1,2 Instructor Handouts (PP Financial Auditing, Operational Auditing, IT Auditing, Forensics auditing, single-valued function of IIA, ISACA, decks) certifications of CIA and CISA IT technical refresher Introduction to IT Auditing Theory and Practice of Controls 3 CRM landing field 1 IS Audit Process 4 CRM study 1 IS Audit Process 5 CRM line of business 2 IT Governance 6 CRM land 2 IT Governance 7 CRM scope 3 System and cornerstone Lifecycle concern (mid-term) 8 CRM Domain 3 System and root word Lifecycle Management 9 CRM Domain 4 IT Service Delivery and Support 10 CRM Domain 4 IT Service Delivery and Support 11 CRM Domain 5 IS plus protection- security 12 CRM Domain 3 IS Asset pr otection- security 13 Rain/Snow Day Contingency commercial enterprise Continuity and Disaster recovery 14 Finals Finals (Cumulative from ALL domains) (35 points) Course muster in for ACC 624 Domain 1- The IS Audit Process IS Auditing Standards and Guidelines, Performing an IS Audit, Control Self Assessment, emergent changes in IS Audit Process.Domain 2- IT Governance Policies and Procedures, Risk Management, Information Systems Management Practices (Personnel Management, Sourcing Practices, organizational Change Management), Organizational Structure and Responsibilities (IS Roles and Responsibilities, Segregation of Duties, Auditing IT Governance Structure and Implementation. Domain 3-Systems and Infrastructure Life Cycle Management Project management structure and Practices, Business coat victimization (Traditional SDLC phases, alternate Application Development Approaches), Infrastructure Development / Acquisition in Practices, Information Systems Maintenance Practices, System Development Tools and Productivity Aids, Application Controls, Auditing Application Controls, Auditing System Development, Acquisition and Maintenance, Business Application Systems E-Commerce, EDI, POS, Electronic Systems, EFT, ATM, Image Processing etc.Domain 4- IT Service Delivery and Support IS Operations, IS Hardware, IS architecture and Software, IS Network Infrastructure (OSI model, LAN-WAN, wireless, N/W Administration and Controls), Auditing Infrastructure and Operations. Domain 5- Protection of Information Assets Information Security Management, Logical entry Exposures and Controls, N/W Infrastructure Security, Auditing Information Security Framework, Environmental Exposures and Controls, Physical Access Exposures and Controls. Domain 6- Business Continuity and Disaster Recovery BC and DR supply (BCP process, BCP incidence management, recovery strategies, developing a BCP, organization and assignment of responsibilities, components of BCP, architectural plan Test ing, Backup and Restoration, Auditing DR and BC Plan. pic