 |


Prescription:AS300 Auditing Systems |
Aim of Module | To enable students to conduct audits of systems under development, operational systems, and the general computer environment.
|
Credits | 7
|
Knowledge Assumed From | SC200 System Controls
SI200 System Implementation
|
Suggested Time | 70 student learning hours
|
Prescription Expiry Date | Nov 2002
|
Level and Assessment Schedule
|
Topics | Highest Skill Level | Suggested Assessment Percentage | |
1 Auditing |
C |
15 |
|
2 Conduct an Audit |
P |
85 |
|
|
| | | | 100
| |
LEARNING OUTCOMES
The Student Will
| | | | C | 1 | Demonstrate an understanding of the issues and techniques involved in auditing computer systems and the computer environment. | | P | 2 | Conduct an audit of an operational system, or a system under development, or a small computer site, using a case study and present findings and recommendations, in the form of a report, to management. |
CONTENT
| | | 1 | REVIEW | | | - | the systems development life cycle | | - | threats and countermeasures to computer systems | | - | categories of controls | | - | designing controls into computerised systems | | - | disaster planning and contingency control | | - | environmental threats and controls | | - | organisational threats and controls |
| top
| | | | - | identification of systems at risk | | - | defining terms of reference | | - | designing, conducting and evaluating tests | | > | Presentation of results and derivation of recommendations.
| top
| | | Note | > | Real systems and businesses must be used in the case study. |
|
|
|