|
|
 |
Information and Communications
Technology Qualifications
| Back to list of Prescriptions
| Prescription: AS700 (AS300) Auditing Systems |
| Aim of Module | To enable students to conduct audits of systems under development, operational systems, and the general computer environment.
|
| Credits | 7
|
| Knowledge Assumed From | SC600 (SC200) System Controls
SI600 (SI200) System Implementation
|
| Student Learning hours | 70
|
| Content Revised | 1998
|
| Prescription Expiry Date | Nov 2005
|
Level and Assessment Schedule
|
| Topics | Highest
Skill Level | Suggested
Assessment
Percentage | | |
1 Auditing |
C |
15 |
| |
2 Conduct an Audit |
P |
85 |
| |
|
| | | | 100
| |
LEARNING OUTCOMES
The Student Will
| | | | | C | 1 | Demonstrate an understanding of the issues and techniques involved in auditing computer systems and the computer environment. | | | | | P | 2 | Conduct an audit of an operational system, or a system under development, or a small computer site, using a case study and present findings and recommendations, in the form of a report, to management. |
CONTENT
| | | | 1 | REVIEW | | | | | | - | the systems development life cycle | | | - | threats and countermeasures to computer systems | | | - | categories of controls | | | - | designing controls into computerised systems | | | - | disaster planning and contingency control | | | - | environmental threats and controls | | | - | organisational threats and controls | | |
|
top
| | | | - | identification of systems at risk | | | - | defining terms of reference | | | - | designing, conducting and evaluating tests | | | | | > | Presentation of results and derivation of recommendations.
|
top
| | | | Note | | > | Real systems and businesses must be used in the case study. |
|
|
