ISOM4300 Information Systems Control and Assurance Spring 2014‐15 Course Description This is the final course for BBA(IS) students who want to pursue their study in the field of IS Auditing. Students will equip themselves with the knowledge of IS Controls; IS Assurance; Systems Security, Efficiency and Effectiveness; Safeguard of Assets; and IT Governance. Students will also be able to take the Certified Information System Auditor (CISA) examination after taking this course. Main Topics include: Introduction to IT Auditing Auditing Change Management IT Service Delivery and Support Business Continuity and Disaster Recovery Staff Teaching Assistant Ms. Shirley Wong Room : LSK4065 Email: imswong@ust.hk Phone: 2358‐7653 Instructor Dr. Percy Dias Room : LSK4037 Email: percy@ust.hk Phone: 2358‐7654 Grading Mid Term Exam 40% Final Exam 60% Reference •ISACA‐CISA Review Manual 2014 UST Library Call #: QA76.3 .C487 2013 (Open Reserved 2 Hrs) QA76.3 .C487 2013 c.2 •ISACA‐CISA Review Manual 2013 UST Library Call #: QA76.3 .C487 2012 c.1 (Open Reserved 2 Hrs) QA76.3 .C487 2012 c.2 •ISACA‐CISA Review Manual 2012 UST Library Call #: QA76.3 .C487 2011 (Open Reserved 2 Hrs) QA76.3 .C487 2011 c.2 •ISACA‐CISA Review Manual 2011 UST Library Call #: QA76.3 .C487 2010 (Open Reserved 2 Hrs) QA76.3 .C487 2010 c.2 •ISACA‐CISA Review Manual 2010 UST Library Call #: QA76.3 .C487 2009 (Open Reserved 2 Hrs) QA76.3 .C487 2009 c.2 •ISACA‐CISA Review Manual 2009 UST Library Call #: QA76.3 .C487 2008 (Open Reserved 2 Hrs) QA76.3 .C487 2008 c.2 •Implementing Information Technology Governance Wim Van Grembergen and Steven de Haes ISBN : 978‐159904924‐3 UST Library Call #: HD30.2 .V363 2008eb •Information Technology Auditing and Assurance, 2nd Edition James A Hall, Tommie Singleton ISBN : 0‐324‐19198‐7 •Information Technology Control and Audit, 3rd Edition Sandra Senft, Frederick Gallegos ISBN : 978‐1‐4200‐6550‐3 •ExamPrep, CISA Certified Information System Auditor Michael Cregg ISBN : 978‐1‐60420‐046‐1 Que Certification •ISACA http://www.isaca.org •ISACA Hong Kong Chapter http://www.isaca.org.hk •HKUST BBA(IS)/ISACA Model Curriculum Alignment http://www.bm.ust.hk/ismt/isaudit/index.html Course Schedule Date Lectures Events Optional Readings/Lab 3/2 Introduction CISA Candidate Guide 5/2 10/2 12/2 17/2 24/2 26/2 3/3 Introduction to IT Auditing Role Of IT Auditor Review Questions Internal Audit Charter COBIT 5 ISACA IS Audit Standards and Guidelines Risk Assessment Rules 5/3 10/3 Auditing Change Management 12/3 Review Questions 17/3 19/3 24/3 26/3 Auditing IT Service Delivery and Support 31/3 Midterm Review Guideline 2/4 Midterm exam 9/4 14/4 16/4 21/4 BCP & DR HKMA: ‐Operational risk management ‐Supervision of e‐banking 23/4 28/4 30/4 BCP & DR ‐Business continuity planning ‐General principles for technology risk management 5/5 7/5 Final Exam Review Final Exam