Sei sulla pagina 1di 5

BUAC790-0502

Information Security, Audit and Control Syllabus

COURSE OBJECTIVES

CLASS TIMES

CLASS

LOCATION

Builds on basic information technology (IT) courses, focusing on key issues including IT security, IT controls, and IT auditing. Addressing issues such as auditing a computer information system; assessing risks; identifying control objectives; identifying appropriate audit procedures; learning the concepts and basic features or audit software thereby providing the tools for choosing audit software; conducting an operational audit basic controls over computer information systems; and developing world-class IT control frameworks.

Tuesday/Thursday 7:00 – 9:45 PM

1/22/2012 –

3/7/2012

VMH 1333

REQUIRED READING

Accounting Information Systems, Eighth Edition, by Hall, James A., South-

Western Publishing Cengage Learning (2013) ISBN-13: 978-1-111-97214-1. IDEA Workbook for IDEA Version Eight,

http://www.audimation.com/academic_workbook.html. Handouts provided during the class on latest IT security trends and issues, where

necessary. Being very familiar with the www.isaca.org website. Information Systems Audit and Control Association engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems.

INSTRUCTOR INFORMATION

Michael Shamari, CPA, CISA, CISM, CGEIT, CRISC, CITP, CGMA, CBCP, CRMA

Over 16 years experience auditing IT controls and security in public accounting and

internal audit. E-mail – mshamari@rhsmith.umd.edu

Cell Phone – 703-587-4147

Office Hours By Appointment

INSTRUCTIONAL APPROACH

The course will basically follow the two books, with additional materials provided that

will cover IT control concepts for information technology processing. Some of the latest trends in IT security and controls will be discussed and real-life examples and events will be illustrated. The course approach will be practical, including lectures that require interaction between the students and the instructor.

BUAC790-0502

Information Security, Audit and Control Syllabus

YOUR RESPONSIBILITIES

To attend all classes. Even though attendance will not be taken during class, there

is direct correlation between class attendance and grades. If you miss class, then you are responsible for obtaining the information covered during the class since the quizzes and tests will have questions based on the presentations provided by the instructor. To keep up with the reading by ensuring that each required reading is completed

before each class. To complete all the multiple choice questions at the end of each assigned chapter

before each class. This above all is the best way to ensure you have fully understood the material. Solutions to these homework assignments will be distributed after each class, where appropriate. To inform the instructor if you are at all confused by any of the material as soon as

possible. No talking, texting, or browsing the Internet during class sessions. Please be courteous to the instructor, as well as the other students.

MAKE-UP QUIZZES AND EXAMS

Make-up quizzes or exams will be given for reasons such as illness, personal injury, religious observance, and participation in University activities at the request of University authorities. The instructor recognizes that some of you may have work commitments that make attendance during a quiz or exam difficult. In order to qualify to take a make- up quiz or exam you must present the appropriate written documentation such as a medical or professional note in a timely manner. The date and location of the make-up will be determined by the professors.

CLASS PARTICIPATION

Students are encouraged to participate so they can learn from each other. Active involvement in learning increases what is remembered, how well it is assimilated, and how the learning is used in new situations. In making statements to peers about their own thoughts on a class topic, students must articulate those thoughts and also submit them to (hopefully constructive) examination by others. In listening to their peers, students hear many different ways of interpreting and applying class material, and thus are able to integrate many examples of how to use the information.

SPECIAL NEEDS

Any student with special needs should bring this matter to the instructor’s attention as soon as possible, but not later than the second week of class. The instructor will do everything he can to accommodate your needs.

BUAC790-0502

Information Security, Audit and Control Syllabus

DATA ANALYTICS

At least two classes will be spent on learning data analytics and the IDEA data analytics software. Bring your laptops which should have the IDEA Software CD downloaded, from the IDEA Workbook, as well as the IDEA Workbook during the scheduled dates where the IDEA Software is scheduled to be presented.

Please make sure that you attend the following free IDEA webinars (http://www.audimation.com/free-webcasts/) on the following dates when they will be provided:

Getting Started with IDEA: Importing and Analyzing Data on January 18, February 8,

or February 18. Effective Analytics Made Easy with IDEA - General Ledger/Journal Entries Testing

on January 24. Effective Analytics Made Easy with IDEA – Accounts Receivable on January 24.

Effective Analytics Made Easy with IDEA – Inventory Testing on January 24.

HONOR CODE

The University's Code of Academic Integrity is designed to ensure that the principles of academic honesty and integrity are upheld. All students are expected to adhere to this Code. The Smith School does not tolerate academic dishonesty. All acts of academic dishonesty will be dealt with in accordance with the provisions of this code. Please visit the following website for more information on the University's Code of Academic Integrity:

http://www.inform.umd.edu/CampusInfo/Departments/JPO/AcInteg/code_acinteg2

a.html

On each exam or assignment, you may be asked to write out and sign the following pledge. "I pledge on my honor that I have not given or received any unauthorized assistance on this exam/assignment."

GRADING

In the R. H. Smith MBA/MS core courses (including electives), the proportion of A-, A, and A+ grades should by policy lie between 30% and 40% in the event that no “C” or lower grades are given. This recommended target is across all sections of the core courses. Policy recommends that a class-average GPA of approximately 3.35 is achieved for the course grades. This means you will be graded on a curve.

BUAC790-0502

Information Security, Audit and Control Syllabus

GRADING & EVALUATION CRITERIA

EVALUATION CRITERIA

PORTION OF FINAL GRADE WITH FINAL EXAM

PORTION OF FINAL GRADE WITHOUT FINAL EXAM

Quizzes – Two quizzes will be administered.

20%

25%

Midterm Exam – The format will be multiple choice and true/false questions.

25%

35%

Group Presentation – Group presentations will be assigned based on pre-selected topics in emerging IT risks and threats. All members of the group MUST present. All members of the group will receive the same grade. 40% of the grade group grade will be provided by your audience, the other students, and the remaining 60% of the grade will provided by the instructor.

30%

40%

Final Exam – The final exam is optional and cumulative. You will know your grade before the final exam and you can decide if you would like to take the final exam. The format will be multiple choice and true/false questions.

25%

N/A

Total

100%

100%

GRADE CURVE

The following standard scale will be used to grade all assignments and exams and to calculate a course grade:

OVERALL NUMERIC GRADE

LETTER GRADE

LETTER GRADE DESCIPTION

97 - 100%

A+

Truly Exceptional

93

- 96%

A

Excellent

90

- 92%

A-

Very Strong

87

- 89%

B+

Strong

83

- 86%

B

Good

80

- 82%

B-

Acceptable

77

- 79%

C+

Weak

73

- 76%

C

Weak

70

- 72%

C-

Weak

67

- 69%

D+

Failure

63

- 66%

D

Failure

60

- 62%

D-

Failure

Below 60%

F

Failure

BUAC790-0502

Information Security, Audit and Control Syllabus

TENTATIVE CLASS SCHEDULE* *(Depending on class progress, the topic to be presented on a given class may vary.)

#

Date

 

Topics

Required Reading

1

Tuesday,

Introduction Overview of Accounting Information Systems

Read chapters 1 and 2 in their entirety before class.

January 22

2

Thursday,

Group Presentation Topics Computer Controls and Auditing

Read chapters 15 and 16 in their entirety before class.

January 24

3

Tuesday,

Computer Controls and Auditing (Continued)

Read chapter 17 and 11 in their entirety before class.

January 29

Enterprise Resource Planning Systems

 

4

Thursday,

Group Presentation Team Selections Due

Reading Assignment will be announced by January 28.

January 31

COBIT Instructor Feedback Due

 

5

Tuesday,

Quiz #1 - COBIT

Read chapter 12 in its entirety before class.

February 5

Group Presentation Topic Selections Due

Electronic Commerce Systems Review Instructor Feedback

 

6

Thursday,

Systems Development Activities

Read chapter 13 and 14 in their entirety before class.

February 7

7

Tuesday,

Midterm Exam – Classes 1-5 Data Analytics Introduction

N/A

February 12

8

Thursday,

IDEA Data Analysis Software – Bring your laptops and with the downloaded CD from the IDEA Workbook

Read sections 1 to 3 from the IDEA Workbook.

February 14

9

Tuesday,

IDEA Data Analysis Software (Continued) – Bring your laptops and with the downloaded CD from the IDEA Workbook

Read sections 4 to 6 from the IDEA Workbook.

February 19

10

Thursday,

Quiz #2 – Data Analytics 1 Class Presentation (Group 1)

N/A

February 21

11

Tuesday,

2 Class Presentations (Groups 2 and

N/A

February 26

3)

12

Thursday,

2 Class Presentations (Groups 4 and

N/A

February 28

5)

13

Tuesday,

2 Class Presentations (Groups 6 and

N/A

March 5

7)

14

Thursday,

Optional Cumulative Final Exam – Classes 1-13; COBIT; Data Analytics/IDEA; and Group Presentations

N/A

March 7