Information Systems Auditing

Teaching Methodologies

Ideally, the classes will be taught in a computer room. Classes are theoretical and practical. The students will be motivated, since the beginning of the semester, to participate and to develop an audit report about a real information systems auditing process. Additionally, each student will do a peer review
process about other 2 reports. The students will present their report and will answer to all the questions made by the peer reviewers and by colleagues.
These learning and assessment methodologies aim to prepare students to real jobs: to intervene, argue research, do teamwork, do conflict management, prepare presentations and submit papers.

Learning Results

Acquisition of elementary knowledge on auditing procedures regarding the conduction of auditing processes.
The subject has as main goals the acquisition of elementary competences and knowledge of IS Auditing, namely regarding its most relevant norms: auditing general principles, technological and strategic auditing, technical standards, behavioral codes and computer auditing professional standards.
Students must acquire knowledge of the methods, paradigms and instruments adequate to the diagnosis, recommendations regarding the information system of an organization and the elaboration of an IS auditing reports
Acquisition of competences on Computer Assisted Audit Tools and complementary procedures available.
This unit intends to move to the acquisition on complementary skills on Auditing of an Information System considering the knowledge on some previous courses as Information Systems I and II.

Program

Part I – Concepts
1. Auditing Generic Concepts
2. Computer Auditing Concepts and international Certification process (CISA)
Part II HANDS
ON Standard Information Systems Audit Approach
3. Computer Systems Auditing Program
4. Safety Policies, Standards and Guidelines in Information Systems
4.1 Safety Policies in Information Systems
4.2 Standards in Information Systems
4.3 Guidelines in Information Systems
5. Application Auditing
6. Financial aspects, equipments and software
6.1 Contracts about software services
6.2 Equipment contracts analysis
6.3 SW and HW accounting treatment analysis
7. Physical Controls
8. Logic Controls
Part III Challenges
of the Information Systems Auditing
9. Encryption and cryptography
10. Forensic Auditing
10.1 Contextualising
10.2 Investigation
10.3 Cases Study
11. Auditing Tools
11.1 Auditing Tools Assisted by Computer: IDEA, Working Papers, AAF
11.2 Seminars

Internship(s)

NAO

Bibliography

Bibliografia Principal
Champlain, Jack J. Auditing
Information Systems: A Comprehensive Reference Guide, John Wiley & Sons; 2nd
Edition (25 Mar 2003), ISBN10:
0471281174
Cannon, David L., Bergmann, Timothy S., Pamplin, Brady CISA:
Certified Information Systems Auditor Study
Guide, Publisher: John Wiley & Sons; Pap/Cdr St edition (12 May 2006), ISBN10:
0782144381
Bibliografia auxiliar
Cascarino, Richard Auditor’s
guide to information systems auditing, John Wiley & Sons, 2007, ISBN: 9780470009895
Carneiro, Alberto Auditoria
de Sistemas de Informação, 2ªEdição Aumentada, FCA, 2002 ISBN:
9727224369
Hunton, James E., Bryant, Stephanie M. Core, Bagranoff, Nancy A. Concepts
of Information Technology
Auditing, John Wiley & Sons; Pap/Cdr edition (7 Oct 2003), ISBN10:
0471222933
Outros Materiais de Consulta
Textos de apoio desenvolvidos especificamente para a cadeira
Manuais de Aplicativos de suporte à Auditoria