|
|
| Aim of Module | To enable students to conduct audits of systems under development, operational systems, and the general computer environment. |
| Credits | 7 |
| Knowledge Assumed From | SC200 System Controls SI200 System Implementation |
| Suggested Time | 70 student learning hours |
| Prescription Expiry Date | Nov 2002 |
| Topics | Highest Skill Level | Suggested Assessment Percentage | |
| 1 Auditing | C | 15 | |
| 2 Conduct an Audit | P | 85 | |
| 100 | |||
| LEARNING OUTCOMES The Student Will | ||
| C | 1 | Demonstrate an understanding of the issues and techniques involved in auditing computer systems and the computer environment. |
| P | 2 | Conduct an audit of an operational system, or a system under development, or a small computer site, using a case study and present findings and recommendations, in the form of a report, to management. |
| 1 Auditing |
| 1 | REVIEW | |
| - | the systems development life cycle | |
| - | threats and countermeasures to computer systems | |
| - | categories of controls | |
| - | designing controls into computerised systems | |
| - | disaster planning and contingency control | |
| - | environmental threats and controls | |
| - | organisational threats and controls | |
| 2 Conduct an Audit |
| - | identification of systems at risk | |
| - | defining terms of reference | |
| - | designing, conducting and evaluating tests | |
| > | Presentation of results and derivation of recommendations. | |
| Note | ||
| > | Real systems and businesses must be used in the case study. | |