General data | |
Course Title | Information system auditing |
ECTS credits | 5 |
Course Code | |
Type of Course | Compulsory |
Year and Semester of Study | First year / Winter semester |
Course Website | - |
Department | Department of Informatics |
Course Coordinator | Professor Mario Spremić, PhD |
Instructors | Professor Mario Spremić, PhD |
Assistants | - |
Type of Degree Program | Graduate Study Programme |
Major | - |
Hours per Semester | 30 |
Language of Instruction | English |
Class Schedule | Schedule |
Course Contents: | |
1. Introduction 2. Necessity for information system auditing in business 3. Methods for measuring the information system quality and assurance 4. Information system auditing and other types of auditing 5. Steps in conducting information system auditing 6. Methods in conducting information system auditing (CobiT, ISO 27001, ITIL, SoX) 7. Management of information system and risk of their usage 8. Methods for assessing the risks in the IS environment 9. Specific IT risks. Why IT projects fail? 10. Examples from businesses, industries, case study analyses 11. Information systems and control mechanisms 12. IT Governance and IS auditing 13. Case studies |
|
Description of general and specific competences (knowledge and skills) to be developed by this course: | |
The course provides students the basic knowledge in information system management, review of methodology for information system audit planning and managing as well as for analysing the control mechanisms in information systems. The specific knowledge and skills that can be achieved are: methodology for conducting information system audit project with risk evaluation techniques as well as using the software for information system auditing (in the computer lab). |
|
Teaching methods: | |
Lectures, seminars, tutorials, individual assignments on case study examples, team work in preparing and presenting ICT projects | |
Additional requirements for students: | |
Active involvement and in-class participation (reading course literature, preparing and analysing case study examples). Project/Case Study presentation | |
Assessment/examination method: | |
Team project, individual case study/project presentation, test, written essay |
|
Required reading: | |
Panian, Željko, Spremić, Mario i suradnici (2007): Korporativno upravljanje i revizija informacijskih sustava, Zgombić i partneri, Zagreb. Hunton, J.E., Bryant, S.M., Bagranoff, N.A. (2004): Information technology Audit, John Wiley & Sons. |
|
Recommended reading: | |
Panian, Ž. (2001): Kontrola i revizija informacijskih sustava, Sinergija, Zagreb. Champlain, J., (2003): Auditing Information Systems, John Wiley & Sons. Weber, R. (1999): Information Systems Control and Audit, Prentice Hall, New Jersey. |
|
Course and teaching quality assurance method (method of monitoring the quality of the course and its teaching): | |
Course evaluation will be conducted by anonymous student survey at the end of the course. | |
Course Prerequisites | |
- | |
Additional Information | |
- |