Information system auditing

General data
Course Title Information system auditing
ECTS credits 5
Course Code  
Type of Course  Compulsory
Year and Semester of Study  First year / Winter semester
Course Website  -
Department  Department of Informatics
Course Coordinator  Professor Mario Spremić, PhD
Instructors  Professor Mario Spremić, PhD
Assistants  -
Type of Degree Program  Graduate Study Programme
Major  -
Hours per Semester 30
Language of Instruction  English
Class Schedule  Schedule


 
Course Contents:
1. Introduction
2. Necessity for information system auditing in business
3. Methods for measuring information system quality and assurance
4. Information system auditing and other types of auditing
5. Steps in conducting information system auditing
6. Methods in conducting information system auditing (CobiT, ISO 27001, ITIL, SoX)
7. Management of information systems and the risks of their usage
8. Methods for assessing the risks in the IS environment
9. Specific IT risks. Why do IT projects fail?
10. Examples from businesses, industries, case study analyses
11. Information systems and control mechanisms
12. IT Governance and IS auditing
13. Case studies
Description of general and specific competences (knowledge and skills) to be developed by this course:
The course provides students with basic knowledge of information system management and a review of the methodology for planning and managing information system audits, as well as for analysing the control mechanisms in information systems.
The specific knowledge and skills to be acquired are: the methodology for conducting an information system audit project with risk evaluation techniques, as well as the use of software for information system auditing (in the computer lab).
Teaching methods:
Lectures, seminars, tutorials, individual assignments on case study examples, team work in preparing and presenting ICT projects
Additional requirements for students:
 Active involvement and in-class participation (reading course literature, preparing and analysing case study examples). Project/Case Study presentation
Assessment/examination method:

 Team project, individual case study/project presentation, test, written essay

Required reading:
Panian, Željko, Spremić, Mario i suradnici (2007): Korporativno upravljanje i revizija informacijskih sustava, Zgombić i partneri, Zagreb.
Hunton, J.E., Bryant, S.M., Bagranoff, N.A. (2004): Information technology Audit, John Wiley & Sons.
Recommended reading:
Panian, Ž. (2001): Kontrola i revizija informacijskih sustava, Sinergija, Zagreb.
Champlain, J., (2003): Auditing Information Systems, John Wiley & Sons.
Weber, R. (1999): Information Systems Control and Audit, Prentice Hall, New Jersey.
Course and teaching quality assurance method (method of monitoring the quality of the course and its teaching):
 Course evaluation will be conducted by anonymous student survey at the end of the course.
Course Prerequisites
-
Additional Information
-