Objectives and competences
The course aims to acquaint students with the fundamentals of information system auditing, which includes the perspective of the auditor and the individuals involved in the audit, as well as the perspective and importance of the auditee.
Content (Syllabus outline)
• Introduction to information system auditing: the concept of auditing information system, the legal basis, the role and importance of the information system auditor
• Preparing information system audit: risks identification, audit charter, audit plan
• Process of the information system audit: implementation steps
• Reporting on audit findings: preparing and understanding the audit report, communicating audit findings
• Communication and cooperation with the information system auditor: handling the required information and understanding the requirements.
Learning and teaching methods
• lectures
• case studies
• seminar work
• individual work
Intended learning outcomes - knowledge and understanding
On completion of this course the student will be able to
• Define the information system audit and the role the of information system auditor.
• Understand and carry out risk analysis as a basis for performing an information system audit.
• Design and understand the audit charter and audit plan.
• Understand and define the steps of performing an information system audit.
• Design the structure and understand the content of the audit report.
• Cooperate with the information system auditor.
Transferable/Key skills and other attributes:
• Communication skills: seminar work, presentation of the seminar work, oral defense.
• Organizational skills: defining the steps for the information system auditing process.
• Problem Solving: The correct approach to information system auditing.
• Working in a group: cooperation with the information system auditor and his colleagues.
Readings
• Hierarhija pravil revidiranja informacijskih sistemov, Uradni list RS. št. 40/2011
• Zakon o revidiranju, Uradni list RS, 65/08
• ISACA, IT Audit Framework (ITAF): A Professional Practices Framework for IT Audit, 4th edition, 2020