Written by
Checked by
Approved by
Valid date
Syahril Rizal, S.T., M.M., M.Kom.
M. Izman Herdiansyah, S.T, M.M., M.Kom.
1. Faculty : Computer Science
2. Study Program : Information Technology Grade : S1 Degree
3. Subject : Audit IT
4. Subject Code :
5. Pra requirement Subject :
6. Subject Status :
Description : This subject allows students to acquire, in pedagogic terms, the basic core knowledge of the field of Information Systems Audit and Control, the audit process and the protection of information, consistent with the ISACA Model Curriculum (Note 1), and to develop, in pragmatic terms, the necessary background and skills needed to enter the Information Systems Audit and Control profession (Note 2). This course aims to:
8. Competencies :
No Topic/ Learning Materials Sub Topic Sumber Pustaka Information
1 Chapter 1
Overview of Information System Audit
Chapter 2
Conducting an Information Systems Audit
- Need for Control and Audit of Computers - Effects of Computers on Internal Controls - Effects of Computers on Auditing
- Foundations of Information Systems Auditing
- The Nature of Controls - Dealing with Complexity - Audit Risks
- Types of Audit Procedures - Overview of Steps in an Audit
- Auditing Around or Through the Computer
- Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice Hall
- Gondodiyoto, Sanyoto. 2009.
Pengelolaan Fungsi Audit Sistem informasi. Jakarta : Mitra Wacana Media
2 Chapter 3
Top Management Controls
Chapter 4
System Development Management Controls
- Evaluating the Planning Function - Evaluating the Organizing Function - Evaluating the Leading Function - Evaluating the Controlling Function
- Approaches to Auditing Systems Development - Normative Models of the Systems Development
Process
- Evaluating the Major Phases in the Systems Development process
- Appendix 4.1 Techniques for studying the Existing System : Structured Analysis
- Appendix 4.2 Techniques for studying the Existing System : Object-Oriented Analysis
- Appendix 4.3 Entity-Relationship Modeling - Appendix 4.4 Normalization
3 Chapter 5
Programming Management Controls
Chapter 6
Data Resource Management Controls
- The Program Development Life Cycle - Organizing the Programming Team - Managing the System Programming Group - Appendix 5.1 Techniques for program Design :
Functional Decomposition
- Appendix 5.2 Techniques for Program Design : Data Flow Design
- Appendix 5.3 Techniques for Program Design : Data Structure Design
- Appendix 5.4 Techniques for Program Design : Object-Oriented Design
- Motivations Toward the DA and DBA Roles - Functions of the DA and DBA
- Some Organizational Issues - Data Repository Systems - Control over the DA and DBA
- Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice Hall
4 Chapter 7
Security Management Controls
Chapter 8
Operations Management Controls
- Conducting a Security Program
- Major Security Threats and Remedial Measures - Controls of Last Resort
- Some Organizational Issues
- Computer Operations - Network Operations - Data Preparation and Entry - Production Control
- File Library
- Documentation and Program Library - Help Desk / Technical Support
- Capacity Planning and Performance Monitoring - Management of Outsourced Operations
- Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice
Hall
Quality Assurance Management Controls
Chapter 10 Boundary Controls
- QA Functions
- Organizational Considerations
- Relationship Between Quality Assurance and Auditing
- Cryptographic Controls - Access Controls
- Personal identification Numbers - Digital Signatures
- Plastic Cards - Audit Trail Controls - Existence Controls
Control And Audit. New Jersey : Prentice
Hall
8 Chapter 11 Input Controls
Chapter 12
Communication Controls
- Data Input Methods - Source Document Design - Data-entry Screen Design - Data Code Controls - Check Digits - Batch Controls - Validation of Data Input - Instruction Input
- Validation of Instruction Input - Audit Trail Controls
- Existence Controls
- Communication Subsystem Exposures - Physical Component Controls - Line Error Controls
- Flow Controls - Link Controls - Topological Controls - Channel Access Controls - Controls over Subversive Threats - Internetworking Controls
- Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice Hall
- Gondodiyoto, Sanyoto. 2009.
- Communication Architectures and Controls - Audit Trail Controls
- Existence Controls 7 Chapter 13
Processing Controls
Chapter 14 Database Controls
- Processor Controls - Real Memory Controls - Virtual Memory Controls - Operating System Integrity - Application software Controls - Audit Trail Controls
- Existence Controls
- Access Controls - Integrity Controls
- Applications Software Controls - Concurrency Controls
- Cryptographic Controls - File Handling Controls - Audit Trail Controls - Existence Controls
- Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
9 MID Test exam
10 Chapter 15 Output Controls
Chapter 16 Audit Software
- Inference Controls
- Batch Output Production and Distribution Controls - Batch Report Design Controls
- Online Output Production and Distribution Controls - Audit Trail Controls
- Existence Controls
- Generalized Audit Software - Industry-specific Audit Software - High-level Languages
- Utility Software
- Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice
- Expert Systems - Neural Network Software - Specialized Audit Software - Other Audit Software
- Basic Nature of Concurrent Auditing Techniques - Need for Concurrent Auditing Techniques - Types of Concurrent Auditing Techniques - Implementing Concurrent Auditing Techniques - Strengths / Limitations of Concurrent Auditing Techniques
- Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice
Hall
12 Chapter 19
Interviews, Questionnaires and Control Flowcharts
- The Objects of Measurement
- General Characteristics of Performance Measurement Tools
- Types of Performance Meansurement Tools - Presenting Performance Measurement Results - Performance Measurement and Data Integrity
- Weber, Ron. 1999. Information Systems
- Meansures of Asset Safeguarding and Data Integrity
- Nature of the Global Evaluation Decision - Determinants of Judgment Performance
- Audit Technology to Assist the Evaluation Decision - Cost-effectiveness Considerations
Chapter 22
Evaluating System Effectiveness -- Overview of the Effectiveness Evaluation ProcessA Model of Information System Effectiveness - Evaluating System Quality
- Evaluating Information Quality - Evaluating Perceived Usefulness - Evaluating Perceived Ease of Use - Evaluating Computer Self-efficacy - Evaluating Information System use - Evaluating Individual Impact
- Evaluating Information System Satisfaction - Evaluating Organizational Impact
- Gondodiyoto, Sanyoto. 2009.
Pengelolaan Fungsi Audit Sistem informasi. Jakarta : Mitra Wacana Media
14 Chapter 23
Evaluating System Efficiency
-The Evaluation Process - Performance Indices - Workload Models - System Models
- Combining Workload and System Models
-- Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice Hall
15 Chapter 24
Managing the Information System Audit Function
- Planning Function - Organizing Function - Staffing Function - Leading Function - Controlling Function
- Toward Information Systems Audit Professionalism - Some Futures of Information Systems Auditing
- Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice Hall
16 Final test Exam
10. Evaluation :
1. Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice Hall