Information Systems Auditing

Teaching Methodologies

Classes are theoretical-practical, appealing to the development of the student’s critical sense, with learning based on problem-solving, challenges and case studies corresponding to failures or weaknesses in internal controls or attacks on computer systems.

Students are encouraged to take part in various activities, both inside and outside the classroom, and to develop a final Audit report on an IS with which they have regular contact, or to take part in a Job Shadowing activity previously organised. Each student will present their final report/job shadowing activity and answer questions posed by peer-reviewers and other colleagues. This teaching and assessment methodology aims to prepare students for practical life: intervening, arguing, researching, working in teams, managing conflicts, preparing presentations and presenting work.

Because of the position of this curricular unit in the Degree in Management Informatics, and because students have no previous preparation in Auditing, even of a general nature, the unit transmits elementary knowledge of Auditing and Internal Control, the conduct and planning of auditing processes, and the profile, skills and behaviour of the auditor in the context of data collection.

Aspects related to communication (verbal or written) and behaviour (posture, attitude, professional ethics) in auditing are considered part of the fundamental soft skills in Information Systems Auditing.

Students get to know the international reference organisations in the field of Auditing (ISACA and The Institute of Internal Auditors) as well as good international practices to adopt: Internal Control Frameworks and Frameworks for IT Governance. To this end, various experts are invited to take part in the classes.

The Computer Assisted Audit Tools (CAATs) approach allows students to become aware of the procedures and support tools available. Building on the knowledge from Information Systems I and Information Systems II, Computer Security and Databases, this course aims to guarantee complementary skills geared towards auditing an Information System, applications, databases or the organisation’s controls.

The partnership between ISCAC and ISACA (www.isaca.org), through ISACA’s Academic Programmes, is particularly important in the context of this Curricular Unit, facilitating access to up-to-date and relevant documentation in the area of Information Systems Auditing (ISACA Journal), promoting the discussion of emerging issues worldwide and boosting student involvement in ISCAC’s ISACA Student Group (since May 2013).

Finally, students are expected to be able to intervene in the field of Information Systems Auditing by promoting events aimed at the general public, in this case by organising the ‘Digital Leaders of Tomorrow’ Seminar.

Learning Results

Objectives:

– To master the knowledge and procedures to be observed in Information Systems Auditing (ISA)

– Identify the appropriate profile for the profession of auditor and IS auditor

– Learn about ISA certifications and codes of ethics and conduct

– Know the methods, paradigms and instruments for diagnosing, auditing and making recommendations regarding IS

– Know how to draw up ISA reports using technical writing

– Understand the phases and good practices for auditing application controls, applications, cybersecurity programmes, artificial intelligence implementation projects, databases and cloud computing and outsourcing operations

– Know how to analyse quality policy procedures in ISA processes

– Know CAAT to increase the efficiency and effectiveness of ISA

Skills to be acquired:

– Behave in accordance with the code of ethics and conduct for carrying out ISA

– Identify weaknesses in IS controls and propose corrections and new control rules

Program

Part I – Concepts and Framework

  1. Generic concepts of auditing
  2. Concepts of Computer Auditing and the IT Internal Audit function
  3. Information Systems Audit Process

Part II – Auditing Techniques

  4. Auditing controls
  5. Auditing Applications
  6. Database audit
  7. Audit of Cybersecurity Programmes
  8. Auditing Cloud Computing and Outsourcing Operations
  9. Auditing the implementation of Artificial Intelligence Projects

10. Forensic Auditing (Seminar)

11. Data Auditing and Auditing Tools for Non-Computer Auditors

Internship(s)

No

Bibliography

Kegerreis, Mike, Schiller, Mike, Davis, Chris. (2019). IT Auditing: Using Controls to Protect Information Assets, 3rd edition, McGraw Hill editors.

Otero, Angel R. (2019). Information Technology Control and Audit, 5th edition, Auerbach.

Heuermann, Lewis. (2024). IT Audit Field Manual: Strengthen your cyber defense through proactive IT auditing, 1st edition, Packt Publishing Ltd.

Other Reference Materials

  • ISACA website, Information Systems Audit and Control Association (www.isaca.org)
  • ISACA Journal: http://www.isacajournal-digital.org/isacajournal/Store.action
  • “The Institute of Internal Auditors” website (https://na.theiia.org/Pages/IIAHome.aspx)
  • Supporting slides developed specifically for the course
  • Other manuals for audit support applications (IDEA, ACL, Working Papers)