Auditing in Data Electronic Processing Environment

Base Knowledge

PT

Os objetivos e conteúdos foram preparados para alunos com poucos ou nenhums conheicmentos nestas áreas. 

ENG

The objectives and content have been prepared for students with little or no knowledge in these areas.

Teaching Methodologies

PT:Será utilizado o método expositivo e casos de estudo para validação e aplicação prática dos conhecimento adquiridos.

UK: The expositive method and case studies will be used for validation and practical application of the acquired knowledge.

Learning Results

PT: Dotar os alunos de conhecimento geral sobre auditorias em ambiente de processamento eletrónico de dados (EDP). O módulo irá estar alinhado com as principais boas práticas de mercado, em particular o conhecimento e certificações da ISACA (ex. COBIT, CISA, IT Audit Fundamentals) e utilizará casos de estudo para permitir uma aplicação prática do conhecimento adquirido.

UK: To equip students with general knowledge about auditing in an electronic data processing (EDP) environment. The module will be aligned with the main market best practices, in particular ISACA knowledge and certifications (e.g. COBIT, CISA, IT Audit Fundamentals) and will use case studies to allow a practical application of the knowledge acquired.

Program

PT:
1. Introdução – Introdução aos conceitos gerais de auditoria risco e controlo de ambientes EDP;
2. A evolução das TI e História do COBIT – Conhecer e entender o papel das TI nas organizações e como foi aumentando a sua importância até chegarmos ao conceito de Governança Corporativa da Informação e Tecnologias. Introdução à framework COBIT 5/COBIT 2019 e enquadramento da sua relevância para a função de auditoria e assurance de TI.
3. Os Princípios do COBIT 5/COBIT 2019 – Conhecer e entender os 5 princípios fundamentais da framework do COBIT 5/COBIT 2019 e como estes se relacionam com os conceitos e conhecimentos académicos e profissionais.
4. Os facilitadores de Governança e Gestão das TI – Conhecer e entender em detalhe os sete facilitadores do COBIT 5/COBIT 2019, mais especificamente o facilitador dos processos.
5. Auditorias de TI baseadas em COBIT 5/COBIT 2019 – Conhecer e entender a forma como a framework COBIT 5/COBIT 2019 pode ser utilizada para suportar o processo de auditoria e assurance de TI.

UK:
1. Introduction – Introduction to the general concepts of auditing risk and control in EDP environments;
2. The evolution of IT and History of COBIT – Knowing and understanding the role of IT in organizations and how its importance has increased until we get to the concept of Corporate Governance of Information and Technology. Introduction to COBIT 5/COBIT 2019 framework and framing of its relevance to the audit and IT assurance function.
3. The COBIT 5/COBIT 2019 Principles – Know and understand the 5 fundamental principles of the COBIT 5/COBIT 2019 framework and how they relate to academic and professional concepts and knowledge
4. The enablers of IT Governance and Management – Know and understand in detail the seven enablers of COBIT 5/COBIT 2019, specifically the process enabler.
5. IT Audit and Assurance based on COBIT 5/COBIT 2019 – Know and understand how the COBIT 5/COBIT 2019 framework can be used to support the IT auditing and assurance process.

Curricular Unit Teachers

Internship(s)

NAO

Bibliography

Fonte de informação principal

  • IT Audit and Assurance Student Book (https://www.isaca.org/membership/academic-advocates/it-audit-and-assurance-based-on-cobit-5-teaching-materials)
  • Caso de Estudo “Mercearia do seu Bairro” – Os estudantes podem desempenhar o papel de assistente do Chefe de Informação, designado com a criação de uma avaliação das operações da “A Mercearia do seu Bairro” utilizando o COBIT 5.

Fonte de informação relacionada:

  • De Haes, Steven; Wim Van Grembergen; Enterprise Governance of IT: Achieving Alignment and Value, 2nd edition, Springer, USA, 2015
  • De Haes, Steven; Wim Van Grembergen; ‘An Exploratory Study Into the Design of an IT Governance Minimum Baseline Through Delphi Research’, Communications of the Association for Information Systems, 22, 443–458, 2008
  • Thorp, John; The Information Paradox: Realizing the Business Benefits of Information Technology, McGraw-Hill Higher Education, USA, 2003
  • Van Grembergen, Wim; Steven De Haes; Enterprise Governance of IT: Achieving Strategic Alignment and Value, 1st edition, Springer, USA, 2009
  • ISACA, COBIT® 5, USA, 2012 (www.isaca.org/cobit)
  • De Haes, Steven; Wim Van Grembergen; ‘Prioritising and Linking Business Goals and IT Goals in the Financial Sector’, International Journal of IT/Business Alignment and Governance, 1(2), 47–67, 2010
  • Van Grembergen, Wim; Steven De Haes; Hilde Van Brempt; ‘Understanding How Business Goals Drive IT Goals’, ISACA, USA, 2008, http://www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/Understanding-How-Business-Goals-Drive-IT-Goals.aspx
  • Kaplan, Robert S.; David P. Norton; ‘The Balanced Scorecard: Measures That Drive Performance’, Harvard Business Review, 70(1), 71–79, 1992
  • Weill, Peter; Jeanne W. Ross; IT Savvy: What Top Executives Must Know to Go from Pain to Gain, Harvard Business Press, USA, 2009
  • International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC); ISO/IEC 38500:2008: Corporate governance of information technology, Switzerland, 2008
  • Peterson, Ryan; ‘Crafting Information Technology Governance’, Information Systems Management, 21(4), 7–22, 2004
  • De Wit, Bob; Ron Meyer; Strategy Synthesis: Resolving Strategy Paradoxes to Create Competitive Advantage, Thomson Learning, United Kingdom, 2005
  • De Haes, Steven; Wim Van Grembergen; ‘An Exploratory Study Into IT Governance Implementations and Its Impact on Business/IT Alignment’, Information Systems Management, 26(2), 123–137, 2009
  • ISACA, COBIT® 5 for Assurance, USA, 2013