• A
  • A
  • A
  • ABC
  • ABC
  • ABC
  • А
  • А
  • А
  • А
  • А
Regular version of the site
For visually-impairedFor visually-impairedUser profile (HSE staff only)Search
Advanced search
Menu
HSE University
User profile (HSE staff only)Search
Advanced search

Course Syllabus

Bachelor 2020/2021

Information Systems Auditing, Controls and Assurance

Type: Elective course (Business Informatics)
Area of studies: Business Informatics
Delivered by: Department of Business Informatics
Where: Graduate School of Business
When: 4 year, 2 module
Mode of studies: distance learning
Instructors: Alexander Nikolaevich Biryukov
Language: English
ECTS credits: 4
Contact hours: 2

Course Syllabus

Full Syllabus

Abstract

Information systems (IS) are important assets to business organizations and are ubiquitous in our daily lives. With the latest IS technologies emerging, such as Big Data, FinTech, Virtual Banks, there are more concerns from the public on how organizations maintain systems’ integrity, such as data privacy, information security, the compliance to the government regulations. Management in organizations also need to be assured that systems work the way they expected. IS auditors play a crucial role in handling these issues. In the course “Information Systems Auditing, Controls and Assurance”, you will explore risks of information systems, and how to mitigate the risks by proper IS Controls. You will also get familiar with the IS Audit procedures and how they are applied during the IS development throughout the Systems Development Life Cycle (SDLC). Finally, you will get to observe how we can make the system changes more manageable using formal IS Management practices, such as Change Management Controls and Emergency Changes. The conversations between the course instructor - Prof. Percy Dias, and the IS auditing practitioner will give you a concrete idea on how IS auditors perform their duties, the qualities to become IS auditors and future prospects of IS auditing industry. This course is suitable for students and graduates from Information Systems, Information Technology and Computer Science, and IT practitioners who are interested to get into the IS auditing field. It is also a good starting point for learners who would like to pursue further studies for IS audit certifications – such as Certified Information Systems Auditor (CISA). https://www.coursera.org/learn/information-systems-audit
Learning Objectives

Learning Objectives

  • In the course “Information Systems Auditing, Controls and Assurance”, you will explore risks of information systems, and how to mitigate the risks by proper IS Controls. You will also get familiar with the IS Audit procedures and how they are applied during the IS development throughout the Systems Development Life Cycle (SDLC). Finally, you will get to observe how we can make the system changes more manageable using formal IS Management practices, such as Change Management Controls and Emergency Changes.
Expected Learning Outcomes

Expected Learning Outcomes

  • Information Security (INFOSEC)
  • Information Technology (IT) Management
  • IT Risk Management and Change Management
  • Information Systems (IS) Auditing
  • Information Systems Auditing
Course Contents

Course Contents

  • Introduction to Information Systems (IS) Auditing
    IS Auditing is related to risks, controls and assurance. In the first module, Prof. Dias introduces what risk is about. Getting deeper to risk, the 3-step risk management process is elaborated. To manage risks, controls need to be established. Prof. Dias also demonstrates with daily examples on what the controls are.
  • Perform IS auditing
    You may have heard of financial auditing, do you know the difference between IS auditing and financial auditing? You are going to explore more about IS auditing through the conversation between Prof. Dias and the IS audit practitioner. Prof. Dias then explains the general IS audit procedures and two major testings that IS auditors/compliance officers have to conduct. Prof. Dias also explains the procedure to obtain evidence in order to produce justified audit reports.
  • IS Maintenance and Control
    Information systems seldom remain static, it is common for users to make change requests to add new features, or refine existing functions some time after the information system launches. Organizations should follow a formal procedure to make the changes in their systems manageable. Prof. Dias is going to give you an overview on the change management controls which organizations should follow. Different kinds of maintenance practices, and Emergency Controls are also discussed in this module. Finally, Percy's conversations with the IS audit practitioner give you better insights on the future development of IS audit and how IS audit support the newly emerged FinTech industry.
  • Business Application Development and the Roles of IS Auditors
    T practitioners develop business applications following the Systems Development Life Cycle (SDLC). IS auditors are in place to ensure the controls are implemented to mitigate the risks of developing application systems throughout the SDLC. Prof. Dias is going to review what IT practitioners usually do, and further elaborate the role that IS auditors play in different phases of SDLC.
Assessment Elements

Assessment Elements

  • non-blocking Практическое упражнение к теме №1, выполненное в ходе изучения онлайн курса на платформе Coursera
  • non-blocking Практическое упражнение к теме №2, выполненное при прохождении онлайн курса на платформе Coursera
  • non-blocking Практическое упражнение к теме №3, выполненное при прохождении онлайн курса на платформе Coursera
  • non-blocking Практическое упражнение к теме №4, выполненное при прохождении онлайн курса на платформе Coursera
  • non-blocking Экзамен
    Перезачет оценки, полученной по итогам прохождения онлайн курса на платформе Coursera. Перевод оценки в итоговую оценку в десятибалльной шкале производится путем деления оценки, полученной по итогам прохождения онлайн курса на платформе Coursera, на 10 и округления полученного результата по правилам математического округления
Interim Assessment

Interim Assessment

  • Interim assessment (2 module)
    0.247 * Практическое упражнение к теме №1, выполненное в ходе изучения онлайн курса на платформе Coursera + 0.247 * Практическое упражнение к теме №2, выполненное при прохождении онлайн курса на платформе Coursera + 0.248 * Практическое упражнение к теме №3, выполненное при прохождении онлайн курса на платформе Coursera + 0.248 * Практическое упражнение к теме №4, выполненное при прохождении онлайн курса на платформе Coursera + 0.01 * Экзамен
Bibliography

Bibliography

Recommended Core Bibliography

  • Аудит информационных технологий : учебник, Грекул, В. И., 2015
  • Долженко А.И. - Управление информационными системами - Национальный Открытый Университет "ИНТУИТ" - 2016 - 180с. - ISBN: - Текст электронный // ЭБС ЛАНЬ - URL: https://e.lanbook.com/book/100530
  • Исаев Г.Н., Роганов А.А. - Управление информационными системами. (Бакалавриат) - КноРус - 2020 - 346с. - ISBN: 978-5-406-07674-3 - Текст электронный // ЭБС BOOKRU - URL: https://book.ru/book/935943

Recommended Additional Bibliography

  • Аудит информационных систем в условиях компьютерной обработки данных : автореф. дис. ... канд. экон. наук : 08.00.12, Баранова, О. В., 2009
  • Аудит информационных систем, Ситнов, А. А., 2014