 |
Prescription:AS300 Auditing Systems |
| Aim of Module | To enable students to conduct audits of systems under development, operational systems, and the general computer environment.
|
| Credits | 7
|
| Knowledge Assumed From | SC200 System Controls
SI200 System Implementation
|
| Suggested Time | 70 student learning hours
|
| Prescription Expiry Date | Nov 2002
|
Level and Assessment Schedule
|
| Topics | Highest
Skill Level | Suggested
Assessment
Percentage | | |
1 Auditing |
C |
15 |
| |
2 Conduct an Audit |
P |
85 |
| |
|
| | | | 100
| |
LEARNING OUTCOMES
The Student Will
| | | | | C | 1 | Demonstrate an understanding of the issues and techniques involved in auditing computer systems and the computer environment. | | | P | 2 | Conduct an audit of an operational system, or a system under development, or a small computer site, using a case study and present findings and recommendations, in the form of a report, to management. |
CONTENT
| | | | 1 | REVIEW | | | | - | the systems development life cycle | | - | threats and countermeasures to computer systems | | - | categories of controls | | - | designing controls into computerised systems | | - | disaster planning and contingency control | | - | environmental threats and controls | | - | organisational threats and controls | |
|
top
| | | | - | identification of systems at risk | | - | defining terms of reference | | - | designing, conducting and evaluating tests | | | > | Presentation of results and derivation of recommendations.
|
top
| | | | Note | | > | Real systems and businesses must be used in the case study. |
|
|
|
