Students
ACCG887 – Advanced Information System Audit and Assurance
2019 – S1 Evening
General Information
Download as PDF
| Unit convenor and teaching staff |
Unit convenor and teaching staff
Lecturer
Matthew Mansour
Check ilearn
Check ilearn
Moderator
Yvette Blount
E4A 341
N/A
|
|---|---|
| Credit points |
Credit points
4
|
| Prerequisites |
Prerequisites
Admission to MCyberSec
|
| Corequisites |
Corequisites
|
| Co-badged status |
Co-badged status
|
| Unit description |
Unit description
This unit develops an understanding of internal and operational controls as well as knowledge of the organisation as it relates to information systems (IS) audit and assurance with an emphasis on cyber security.
Students will examine the risks associated with information systems using frameworks that provide professional standards, guidelines, tools and techniques for IS auditing. The risk-based approach to IS audit is developed so that students will have exposure in risks and controls analysis to different IS environments and platforms. Students will learn how to create IS audit plans and reports to examine IS security of an organisation's applications. In this unit students develop graduate capabilities in a range of areas, including: critical analysis skills in information management and analysis; problem solving skills in sourcing and identifying relevant information and interpreting output in a multidisciplinary environment; and communication and negotiation skills.
|
Important Academic Dates
Information about important academic dates including deadlines for withdrawing from units are available at https://www.mq.edu.au/study/calendar-of-dates
Learning Outcomes
On successful completion of this unit, you will be able to:
- Evaluate and demonstrate the importance of IS Audit for IS Governance for organisations.
- Assess IS risks and controls and their implications for organisations.
- Explain how IS audit objectives provide effective IS Governance.
- Evaluate and explain IS audit tools and techniques.
- Construct a critical synthesised evaluation of and response to IS audit risk assessments.
Assessment Tasks
| Name | Weighting | Hurdle | Due |
|---|---|---|---|
| Assessed Coursework | 30% | No | Weekly (6 weeks random) |
| IS Audit Report | 30% | No | Week 7 |
| Business Simulation | 40% | No | Week 11 |
Assessed Coursework
Due: Weekly (6 weeks random)
Weighting: 30%
Submission
Each activity will be submitted at the end of seminar and must be undertaken during the timeframe allocated during the seminars. Each week seminar activities or tests will be assigned to students without prior notice. It will be a combination of individual and group based activities. Each activity is worth 5%. The seminar assessments will be random during week 2 to week 12. It will be 6 random collections for this assessment. The work will be mixed from tutorial written submissions to live presentations.
Extensions
No extensions will be granted. Students who have not submitted the task prior to the deadline will be awarded a mark of 0 for the task, except for cases in which an application for special consideration is made and approved. Please refer to https://students.mq.edu.au/study/my-study-program/special-consideration
Penalty for Late Submission
Not applicable.
On successful completion you will be able to:
- Evaluate and demonstrate the importance of IS Audit for IS Governance for organisations.
- Assess IS risks and controls and their implications for organisations.
- Explain how IS audit objectives provide effective IS Governance.
- Evaluate and explain IS audit tools and techniques.
IS Audit Report
Due: Week 7
Weighting: 30%
Students are required to prepare an IS audit report. Full details of the assignment (assignment objectives, question material, requirements, etc) will be made available through the unit’s website. NB. This is an individual assessment.
Submission
- Students will need to upload their assignment to http://ilearn.mq.edu.au (Turn-it-in) by 11:59 p.m. on Friday 12th April (week 7). Otherwise your assignment will be considered late. Late assignment will also be submitted via Turn-it-in.
Extension
- No extensions will be granted. Students who have not submitted the task prior to the deadline will be awarded a mark of 0 for the task, except for cases in which an application for special consideration is made and approved. Please refer to https://staff.mq.edu.au/work/strategy-planning-and-governance/university-policies-and-procedures/policies/special-consideration
Late Penalty
- Late tasks will be accepted up to 72* hours after the submission deadline. There will be a deduction of 20%* of the total available marks made from the total awarded mark for each 24 hour period or part thereof that the submission is late (for example, 25 hours late in submission – 40% penalty). This penalty does not apply for cases in which an application for special consideration is made and approved.
On successful completion you will be able to:
- Evaluate and demonstrate the importance of IS Audit for IS Governance for organisations.
- Assess IS risks and controls and their implications for organisations.
Business Simulation
Due: Week 11
Weighting: 40%
The business simulation activity aims to create an exit meeting environment between IS auditors and clients. Students will be required to work in teams to prepare an audit plan, audit table and report, etc on a case study. Further details available on ilearn. NB. This is a group assessment.
Submission
- Students will need to upload their assignment to http://ilearn.mq.edu.au (Turn-it-in) by 11:59 p.m. on Wednesday 22nd May (week11). Otherwise your assignment will be considered late. Late assignment will also be submitted via Turn-it-in.
Extension
- No extensions will be granted. Students who have not submitted the task prior to the deadline will be awarded a mark of 0 for the task, except for cases in which an application for special consideration is made and approved. Please refer to https://staff.mq.edu.au/work/strategy-planning-and-governance/university-policies-and-procedures/policies/special-consideration
Late Penalty
- Late tasks will be accepted up to 72* hours after the submission deadline. There will be a deduction of 20%* of the total available marks made from the total awarded mark for each 24 hour period or part thereof that the submission is late (for example, 25 hours late in submission – 40% penalty). This penalty does not apply for cases in which an application for special consideration is made and approved.
On successful completion you will be able to:
- Evaluate and demonstrate the importance of IS Audit for IS Governance for organisations.
- Assess IS risks and controls and their implications for organisations.
- Explain how IS audit objectives provide effective IS Governance.
- Construct a critical synthesised evaluation of and response to IS audit risk assessments.
Delivery and Resources
Face to face hours
This unit will be taught in the form of weekly 3 hour seminars. This is a combination of lectures and tutorial. Students are required to enrol in one seminar (3 hours of face to face teaching) for this unit. Class attendance for this unit is compulsory. Students are required to attend a minimum of 10 out 13 seminars. The timetable is available at http://timetables.mq.edu.au. The teaching strategies are outlined below:
Seminar:
- Students are required to enrol in seminars online. Seminar enrolment will be closed after the first week of semester. There is no change after this deadline. It is important that you attend the seminar that you are enrolled in. If you attend the seminar that you are not enrolled in, it will not be counted toward the attendance record, with an exception of seminars held on the week of public holidays.
- Any changes to seminars must be made through e-student. You have to finalise your classes by the end of week 2 after which changes are no longer possible.
- Classes scheduled for public holidays will not be held. Students with classes on public holiday should arrange to sit in on another class of your choice for that week only. However, it is not compulsory to attend.
- Your attendance may not be marked if you arrive more than 15 minutes late to your seminars, unless there is an appropriate reason provided to your lecturer.
Textbook
It recommended to access to the following textbook(s):
Information Assurance Handbook 1e, Authors Corey Schou and Steven Hernandez, ISBN: 9781307383300
https://www.mheducation.com.au/9781307383300-aus-ebook-information-assurance-handbook-1e
Some copies of the text may also be available through the reserved section in the library. The content of this text forms the foundation of the unit, but material to be considered (and examined) will go beyond text content.
Technology used
iLearn: This unit will use iLearn as an online technology for students to access course material, announcements as well as any other documents related to this unit. Students are required to regularly check the iLearn for accessing up-to-dated information about the unit.
Echo is a multi-media learning tool that provides an audio of the lectures which students can download and listen to at their convenience. Echo will be made available at the end of each week via the unit’s website (iLearn).
Expectations and Workload
Students are expected to spend 150 hours working on this unit. As a guide a student should spend these approximate amounts of time on each of the following activities:
|
Tasks |
Expected workload (hours) |
|
Assessed coursework |
35 |
|
IS Audit Report |
50 |
|
Business Simulation |
65 |
|
Total |
150 |
Unit Schedule
|
Class |
Topic |
Chapter |
|
1 |
The Need for Information Security |
1 & 2 |
|
2 |
Assets, Threats, Vulnerabilities, Risks, and Controls |
3 |
|
3 |
Information Security management System
|
5 |
|
4 |
Planning for Security |
6 |
|
5 |
Asset Management / Information Security Risk Management
|
9 & 10 |
|
6 |
Information Security in System Development / Physical and Environmental Security Controls
|
14 & 15 |
|
7 |
Information Security Awareness, Training, and Education / Preventive Tools and Techniques
|
16 & 17 |
|
8 |
Information Security Incident Handling |
21 |
|
9 |
Computer Forensics |
22 |
|
10 |
Business Continuity
|
23 |
|
11 |
Business simulation activity presentation |
|
|
12 |
Business simulation activity presentation |
|
|
13 |
Unit Reflection & Certification options |
|
Policies and Procedures
Macquarie University policies and procedures are accessible from Policy Central (https://staff.mq.edu.au/work/strategy-planning-and-governance/university-policies-and-procedures/policy-central). Students should be aware of the following policies in particular with regard to Learning and Teaching:
- Academic Appeals Policy
- Academic Integrity Policy
- Academic Progression Policy
- Assessment Policy
- Fitness to Practice Procedure
- Grade Appeal Policy
- Complaint Management Procedure for Students and Members of the Public
- Special Consideration Policy (Note: The Special Consideration Policy is effective from 4 December 2017 and replaces the Disruption to Studies Policy.)
Undergraduate students seeking more policy resources can visit the Student Policy Gateway (https://students.mq.edu.au/support/study/student-policy-gateway). It is your one-stop-shop for the key policies you need to know about throughout your undergraduate student journey.
If you would like to see all the policies relevant to Learning and Teaching visit Policy Central (https://staff.mq.edu.au/work/strategy-planning-and-governance/university-policies-and-procedures/policy-central).
Student Code of Conduct
Macquarie University students have a responsibility to be familiar with the Student Code of Conduct: https://students.mq.edu.au/study/getting-started/student-conduct
Results
Results published on platform other than eStudent, (eg. iLearn, Coursera etc.) or released directly by your Unit Convenor, are not confirmed as they are subject to final approval by the University. Once approved, final results will be sent to your student email address and will be made available in eStudent. For more information visit ask.mq.edu.au or if you are a Global MBA student contact globalmba.support@mq.edu.au
Student Support
Macquarie University provides a range of support services for students. For details, visit http://students.mq.edu.au/support/
Learning Skills
Learning Skills (mq.edu.au/learningskills) provides academic writing resources and study strategies to improve your marks and take control of your study.
Student Services and Support
Students with a disability are encouraged to contact the Disability Service who can provide appropriate help with any issues that arise during their studies.
Student Enquiries
For all student enquiries, visit Student Connect at ask.mq.edu.au
If you are a Global MBA student contact globalmba.support@mq.edu.au
IT Help
For help with University computer systems and technology, visit http://www.mq.edu.au/about_us/offices_and_units/information_technology/help/.
When using the University's IT, you must adhere to the Acceptable Use of IT Resources Policy. The policy applies to all who connect to the MQ network including students.
Graduate Capabilities
PG - Capable of Professional and Personal Judgment and Initiative
Our postgraduates will demonstrate a high standard of discernment and common sense in their professional and personal judgment. They will have the ability to make informed choices and decisions that reflect both the nature of their professional work and their personal perspectives.
This graduate capability is supported by:
Learning outcomes
- Assess IS risks and controls and their implications for organisations.
- Evaluate and explain IS audit tools and techniques.
- Construct a critical synthesised evaluation of and response to IS audit risk assessments.
Assessment tasks
- Assessed Coursework
- IS Audit Report
- Business Simulation
PG - Discipline Knowledge and Skills
Our postgraduates will be able to demonstrate a significantly enhanced depth and breadth of knowledge, scholarly understanding, and specific subject content knowledge in their chosen fields.
This graduate capability is supported by:
Learning outcomes
- Evaluate and demonstrate the importance of IS Audit for IS Governance for organisations.
- Assess IS risks and controls and their implications for organisations.
- Explain how IS audit objectives provide effective IS Governance.
- Evaluate and explain IS audit tools and techniques.
- Construct a critical synthesised evaluation of and response to IS audit risk assessments.
Assessment tasks
- Assessed Coursework
- IS Audit Report
- Business Simulation
PG - Critical, Analytical and Integrative Thinking
Our postgraduates will be capable of utilising and reflecting on prior knowledge and experience, of applying higher level critical thinking skills, and of integrating and synthesising learning and knowledge from a range of sources and environments. A characteristic of this form of thinking is the generation of new, professionally oriented knowledge through personal or group-based critique of practice and theory.
This graduate capability is supported by:
Learning outcomes
- Assess IS risks and controls and their implications for organisations.
- Construct a critical synthesised evaluation of and response to IS audit risk assessments.
Assessment tasks
- Assessed Coursework
- IS Audit Report
- Business Simulation
PG - Research and Problem Solving Capability
Our postgraduates will be capable of systematic enquiry; able to use research skills to create new knowledge that can be applied to real world issues, or contribute to a field of study or practice to enhance society. They will be capable of creative questioning, problem finding and problem solving.
This graduate capability is supported by:
Learning outcomes
- Evaluate and demonstrate the importance of IS Audit for IS Governance for organisations.
- Explain how IS audit objectives provide effective IS Governance.
- Evaluate and explain IS audit tools and techniques.
- Construct a critical synthesised evaluation of and response to IS audit risk assessments.
Assessment tasks
- Assessed Coursework
- IS Audit Report
- Business Simulation
PG - Effective Communication
Our postgraduates will be able to communicate effectively and convey their views to different social, cultural, and professional audiences. They will be able to use a variety of technologically supported media to communicate with empathy using a range of written, spoken or visual formats.
This graduate capability is supported by:
Learning outcomes
- Evaluate and demonstrate the importance of IS Audit for IS Governance for organisations.
- Assess IS risks and controls and their implications for organisations.
- Evaluate and explain IS audit tools and techniques.
Assessment tasks
- Assessed Coursework
- Business Simulation
PG - Engaged and Responsible, Active and Ethical Citizens
Our postgraduates will be ethically aware and capable of confident transformative action in relation to their professional responsibilities and the wider community. They will have a sense of connectedness with others and country and have a sense of mutual obligation. They will be able to appreciate the impact of their professional roles for social justice and inclusion related to national and global issues
This graduate capability is supported by:
Learning outcome
- Explain how IS audit objectives provide effective IS Governance.
Assessment tasks
- Assessed Coursework
- IS Audit Report
- Business Simulation
Changes from Previous Offering
Inaugural semester
Research & Practice, Global & Sustainability
This unit addresses global and sustainability issues as direct areas of study and as necessary implications arising from the materials, assessment and academic discussion and debate in classes/seminars. We promote sustainability by developing ability in students to research and locate information within accounting discipline. We aim to provide students with an opportunity to obtain skills which will benefit them throughout their career. The unit materials have a reference list at the end of each chapter/module/text containing all references cited by the author. These provide some guidance to references that could be used to research particular issues.