Information Technology Controls and Auditing
This course will enable the students to learn key concepts and methods for managing information technology controls and audits. It will examine the foundations of IT audits and control, discussing what IT auditing involves and the guidance provided by organizations in dealing with control and auditability issues. It then analyzes the process of audit and review, explores IT governance and control, and discusses the COBIT framework and steps that align IT decisions with business strategy. The course will survey project management processes that ensure that projects are controlled from inception through integration. It continues by addressing auditing IT acquisition and implementation, describing risks and controls as related to the life cycle of application systems. It highlights the purchase and installation of new systems, as well as change management. It examines the auditing of IT operations in stand-alone and global environments, covering types of IT operations, issues related to specific platforms, risk and control assessment, audit methods and support tools. The students will learn how to tactically scope and plan information technology audits, identify key information technology risk areas within the enterprise, and gain perspective on leading practices for information technology management tasks.