Professional Documents
Culture Documents
University
COLLEGE
COURSE CODE
FACULTY
: RVRCOB
: LBYMODT
: H. Concepcion
CLASS DAYS
AND CLASS
TIME
DEPARTMENT
CREDIT
TYPE OF
COURSE
ROOM
: Accountancy
: Three (3) units
: Major Subject
: J307
COURSE DESCRIPTION:
This course (LBYMODT or Auditing in a Computer Information Systems [CIS] Environment)
complements the course in Auditing, but limited to the areas that have an immediate
consequence to information technology (IT) as used in business. It discusses the impact of
information technology on the auditors study and evaluation of internal controls with emphasis
on the previously learned IT-related risks and controls in a CIS environment. It takes into
account the audit of IT function as a whole and the audit of CIS in support of financial statement
audit. It introduces tools and techniques in auditing around, auditing through, and auditing with
the computer (using Audit Command Language [ACL] as generalized audit software [GAS]).
LEARNING OUTCOMES:
UNIVERSITY EXPECTED
LASALLIAN GRADUATE
ATTRIBUTES (ELGA)
LEARNING OUTCOMES
On completion of the course, the student is
expected to be able to do the following:
A.
B.
Effective communicator
C.
1 of 8
REQUIRED OUTPUTS
DUE DATE
A.
Complete
proposed
solutions
problems and cases every meeting.
to
Day 1 to 9
B.
Day 1 to 9
C.
LO3:
Recognize
the
importance of laws and
regulations,
corporate
governance,
and
ethical
considerations in the context of
auditing and assurance in a
dynamic
domestic
and
international
business
environment.
Day 11
EXEMPLARY
96-100
SATISFACTORY
91-95
The student
provides
correct
solutions to
problems and
cases.
The student
provides
substantially
correct solutions
to problems and
cases.
2 of 8
DEVELOPIN
G
86-90
The student
provides partly
correct and
partly
incorrect
solutions to
problems and
cases.
BEGINNIN
G
81-85
The student
provides
mostly
incorrect
solutions to
problems
and cases.
RATING
Completeness
of solutions
(50%)
The student
prepared
solutions to
all problems
and cases
before
reporting to
class.
The student
prepared
solutions to most
problems and
cases before
reporting to
class.
The student
prepared
solutions to
some
problems and
cases before
reporting to
class.
The student
did not
prepare
substantially
solutions to
problems
and cases
before
reporting to
class.
RATING
EXEMPLARY
96-100
SATISFACTOR
Y
91-95
The studentpresenter
communicates
and explains
clearly the
solutions to the
problems or
cases, and
generates some
interest among
the audience.
DEVELOPIN
G
86-90
The studentpresenter
communicate
s and
explains
somewhat
clearly the
solutions to
the problems
or cases, and
generates
little interest
among the
audience.
BEGINNING
81-85
The studentpresenter
presents correct
solutions to the
problems or
cases by
showing certain
supporting
calculations or
proofs, and
somewhat
relating these to
the business
world.
The studentpresenter
presents
partly or
entirely
correct
solutions to
the problems
or cases by
showing
supporting
calculations
or proofs.
Oral Report
CRITERIA
Delivery (40%)
Presentation
content/solutio
n (30%)
The studentpresenter
communicate
s and
explains
clearly the
solutions to
the problems
or cases, and
generates
interest and
establishes
rapport
among the
audience.
The studentpresenter
presents
correct
solutions to
the problems
or cases by
showing all
relevant
supporting
calculations
or proofs, and
relating these
solutions to
the business
world.
3 of 8
The studentpresenter
communicate
s and
explains
vaguely the
solutions to
the problems
or cases, and
does not
generate
interest
among the
audience.
The studentpresenter
presents
incorrect
solutions to
the problems
or cases but
corrects the
solutions to
these
problems or
cases.
RATIN
G
CRITERIA
EXEMPLARY
96-100
Question and
answer (30%)
The studentpresenter
provides
correct or
valid answers
to the
questions,
explains
these clearly,
and presents
valid/sensible
arguments to
support/justify
the answers
to the
questions
raised.
SATISFACTOR
Y
91-95
The studentpresenter
provides correct
or valid answers,
explains these
somewhat
clearly, and
presents some
valid/sensible
arguments to
support/justify
the answers to
the questions
raised.
DEVELOPIN
G
86-90
The studentpresenter
provides
partly or
entirely
correct or
valid/sensible
answers,
explains
these
somewhat
clearly.
DEVELOPIN
G
86-90
The student
identifies less
interesting but
somewhat
relevant AIS
reliability
issues.
The student
provides
somewhat
valid, sensible
and logical
reflection of
issues
identified but
these are not
properly
supported by
valid, sensible
and logical
arguments or
supports.
BEGINNING
81-85
RATIN
G
The studentpresenter
provides
incorrect or
non-sensible
answers to
the questions
raised but
somehow
provides
partly or
entirely
correct or
valid/sensible
answers
through
follow-up
questions.
RATING
Reflection Paper
CRITERIA
EXEMPLARY
96-100
SATISFACTORY
91-95
Quality of
issues
identified (40%)
The student
identifies
interesting
and relevant
AIS reliability
issues.
The student
identifies
somewhat
interesting and
relevant AIS
reliability issues.
Depth and
quality (60%)
The student
provides
valid,
sensible and
logical
reflection of
issues
identified,
and provides
valid,
sensible, and
logical
arguments or
supports.
The student
provides
somewhat valid,
sensible and
logical reflection
of issues
identified, and
provides some
valid, sensible
and logical
arguments or
supports.
4 of 8
BEGINNIN
G
81-85
The student
identifies not
interesting
and not
relevant AIS
reliability
issues.
The student
provides
nonsensible
reflection of
issues
identified.
RATING
CRITERIA
EXEMPLARY
96-100
SATISFACTORY
91-95
DEVELOPIN
G
86-90
EXEMPLARY
96-100
The group
provides valid,
sensible and
logical case
analysis,
presents
feasible
alternatives
and solutions
to the case
problem, and
provides valid,
sensible and
logical
arguments or
supports.
SATISFACTORY
91-95
The group
provides
somewhat valid,
sensible and
logical case
analysis, presents
feasible
alternatives and
solutions to the
case problem,
and provides
some valid,
sensible and
logical arguments
or supports.
The group is
organized and
shows strong
teamwork and
camaraderie
as evidenced
in the written
case analysis.
The group is
organized and
shows teamwork
as evidenced in
the written case
analysis.
DEVELOPING
86-90
The group
provides
somewhat
valid, sensible
and logical
case analysis,
presents
somewhat
feasible
alternatives
and solutions
to the case
problem but
these are not
properly
supported by
valid, sensible
and logical
arguments or
supports.
The group is
somewhat
organized and
shows a hint of
teamwork as
evidenced in
the written
case analysis.
BEGINNIN
G
81-85
RATING
RATING
Teamwork
(20%)
BEGINNING
81-85
The group
provides
non-sensible
case
analysis,
presents
alternatives
and solutions
to the case
problem
which may
not be
feasible or
logical.
RATING
The group is
disorganized
and shows
lack of
teamwork as
evidenced in
the written
case
analysis.
TOTAL
5 of 8
GRADING SYSTEM:
GRADE POINT
4.0
3.5
3.0
2.5
2.0
1.5
1.0
0.0
DESCRIPTION
PERCENTAGE
Excellent
Superior
Very Good
Good
Satisfactory
Fair
Pass
Fail
97-100
94-96
91-93
87-90
83-86
77-82
70-76
Below 70
FINAL
GRADE
20%
20%
20%
20%
Quiz 1
Quiz 2
Quiz 3
Comprehensive Examination
Class Standing
Unit notes
Attendance
Class participation
Total
10%
5%
5%
100%
UNIT
LO1, LO2,
LO3
TOPICS
Orientation
OVERVIEW OF IT AUDIT
1.1 IT Governance
1.2 CobiT 4.1 versus CobiT 5
1.3 The work of an IT auditor
1.4 IT audit skills
1.5 The CISA exam
6 of 8
WEEK
NO.
NO. OF
HOURS
0.5
3.0
REF
LEARNING
ACTIVITIES
Hunton
(Ch1);
ISACA
website;
Tugas
Lecture,
Reporting,
Discussion,
and Exercises
LEARNING
OUTCOMES
UNIT
TOPICS
WEEK
NO.
NO. OF
HOURS
REF
LEARNING
ACTIVITIES
(2010);
Tugas
(2014)
LO1, LO2,
LO3
LO1, LO2,
LO3
LO1, LO2,
LO3
LO1, LO2,
7 of 8
3.0
Hall (Ch12);
RA 8792;
ISACA
website;
Wolfe &
Hermanson
(2004);
Tugas
(2012)
Lecture,
Reporting,
Discussion,
and Exercises
3.0
HB 286
SB209
Hall (Ch2)
Lecture,
Reporting,
Discussion,
and Exercises
2.0
3.0
Hall (Ch3)
PAPS 1013
Lecture,
Reporting,
Discussion,
and Exercises
LEARNING
OUTCOMES
LO3
LO1, LO2,
LO3
LO1, LO2,
LO3
LO1, LO2,
LO3
LO1, LO2,
LO3
UNIT
TOPICS
DATABASE SYSTEMS
5.1 Data management
approaches
5.2 Key elements of the database
environment
5.3 Database in a distributed
environment
5.4 Controlling and auditing data
management systems
QUIZ 2
AUDITING COMPUTER-BASED
INFORMATION SYSTEMS
6.1 The risk-based audit
approach
6.2 Information systems audits
6.3 Operational audits of an
accounting information
system
COMPLETING THE IT AUDIT
7.1 The IT audit life cycle
7.2 Four types of IT audit
7.3 Using CobiT to perform an
audit
ADVANCED TOPICS IN IT AUDIT
EMERGING ISSUES IN IT
SECURITY: CLOUD COMPUTING
8.1 Cloud computing
8.2 Advantages of cloud
computing
8.3 Risks of cloud computing
EMERGING ISSUES IN IT
SECURITY: TRUSTWORTHY
COMPUTING
9.1 Trustworthy computing
9.2 Radio-frequency identification
technology
9.3 Data-at-rest encryption
appliance technology
9.4 Quantum encryption
9.5 Privacy on the internet
9.6 Information security and civil
liberties in cyberspace
INTEGRATED
8 of 8
WEEK
NO.
NO. OF
HOURS
REF
3.0
Hall (Ch4)
LEARNING
ACTIVITIES
Lecture,
Reporting,
Discussion,
and Exercises
2.0
1/2
3.0
Romney
(Ch11)
Lecture,
Reporting,
Discussion,
and Exercises
1.5
Hunton
(Ch9)
Lecture,
Reporting,
Discussion,
and Exercises
2.0
Dela Cruz
(2014)
Lecture,
Reporting,
Discussion,
and Exercises
2.0
Slay (Ch11)
Lecture,
Reporting,
Discussion,
and Exercises
LEARNING
OUTCOMES
LO1, LO2,
LO3
UNIT
10
TOPICS
WEEK
NO.
NO. OF
HOURS
REF
LEARNING
ACTIVITIES
9.0
Hunton
(Ch8)
Hall (Ch7)
PAPS 1009
ACL in
Practice
Lecture,
Reporting,
Discussion,
and Exercises
QUIZ 3
2.0
COMPREHENSIVE EXAM
3.0
TOTAL HOURS
42.0
9 of 8
www.mhhe.com/louwers4e
http://www.aasc.org.ph/
http://www.isaca.org
http://www.isaca.org/cobit/documents/a-cobit-5-overview.pdf
10 of 8