ACCT 472 Computer Auditing and IT Controls Course Guide
ACCT 472 explores IT security and control issues from an accounting and auditing perspective as well as the impact technology has on business and business applications. Students will learn about the controls management puts in place to help ensure its business objectives are achieved. Students will learn about the tools and techniques used to identify and test these controls. Relevant technology and system issues will be discussed with the students. Topics may include security and control related to e-commerce, the internet, and computer auditing. The students will also learn how to use a commercially available Computer-Assisted Audit tool.
Specific, Assessable Learning Outcomes
At the end of the course, students will be able to:
1. Understand the theory of Information Systems auditing and its practical application.
2. Identify general and application controls and identify techniques for testing these controls.
3. Effectively communicate audit findings verbally and in writing.
4. Effectively work in teams.
Recommended Teaching Methodology
Faculty teaching the course is expected to utilize a variety of teaching styles and evaluation mechanisms throughout the semester. The use of case studies and projects and the assessment of written and/or communication skills is encouraged. Additional teaching methods may include the analysis and discussion of projects and in-class presentations by students.
Legal and Ethical Issues for IT Auditors
System access control
Data access control
System and security administration
Hardware security auditing
Software Security auditing and control
Network and Telecommunication Security
Accuracy and integrity
Authenticity of user
Trusted System Processing
Using Computer Assisted Audit Tools and Techniques
Fraud and Forensic Auditing
Recommended Assessment Measures
Each student will be required to prepare a written paper on an IT and/or audit related topic and give an oral presentation to the class. Quizzes and in-class exams as well as a final should be used to evaluate understanding of the theory of information systems auditing and the ability to identify general and application controls and techniques for testing those controls.
Statement of Expectations
This course is an elective for accounting majors.
The students will be expected to show an interest in the subject, the willingness to commit the necessary resources in terms of time and intellectual effort, and the willingness to actively participate in the skill development process.
The knowledge expected to be gained from this course is important throughout the student’s career. Most of the learning that will take place will not occur in the classroom. It will occur while working on the material outside of class – when reading, thinking critically, analyzing, and applying the concepts to real problems. The amount learned and the level of skill developed will be directly proportional to the amount of effort put forth in preparing for class.
The classes are opportunities to discuss and apply the material, to develop communication ability, and to create leadership skills. There are opportunities for the faculty member to provide insight, to help when appropriate, and to evaluate performance. Like any athletic or artistic endeavor, most of the knowledge acquisition and skill development takes place when practicing, not performing.
ACCT 300. Specifically, students must thoroughly understand economic transactions, the construction of basic financial statements, and the interrelationships that exist among the basic financial statements.
FINC 301 Students are expected to understand the role of finance within a firm and the basics of financial planning valuation, cost of capital and capital budgeting.
CSIS 010 A student is expected to possess a basic understanding of computer science
Institutional Mechanism for Providing Feedback for Continuous Quality Improvement
The faculty teaching the course will meet at least annually to discuss their results.