Students

ACCG3058 – Information Systems Audit and Assurance

2023 – Session 1, In person-scheduled-weekday, North Ryde

General Information

Download as PDF
Unit convenor and teaching staff Unit convenor and teaching staff Unit Convenor / Lecturer
Matthew Mansour
Check ilearn
Check ilearn
Moderator
Ali Amrollahi
N/A
Credit points Credit points
10
Prerequisites Prerequisites
ACCG250 or ACCG2050
Corequisites Corequisites
Co-badged status Co-badged status
Unit description Unit description

This unit further develops an understanding of internal and operational controls as well as knowledge of the organisation as it relates to information systems (IS) audit and assurance. Students will examine the risks associated with information systems using frameworks that provide professional standards, guidelines, tools and techniques for IS audit and control. The risk-based approach to IS audit is developed so that students have an understanding of inherent risks, control risks and detection risks. Students will be exposed to computer auditing tools and techniques that both directly and indirectly examine the internal logic of an organisation's applications. In this unit students develop graduate capabilities in a range of areas, including: critical analysis skills in information management and analysis; problem-solving skills in sourcing and identifying relevant information and interpreting output in a multidisciplinary environment; and communication and negotiation skills.

Important Academic Dates

Information about important academic dates including deadlines for withdrawing from units are available at https://www.mq.edu.au/study/calendar-of-dates

Learning Outcomes

On successful completion of this unit, you will be able to:

  • ULO1: Evaluate and demonstrate the importance of Information Systems Audit for Information Systems Governance for organisations
  • ULO2: Assess Information Systems risks and controls and their implications for organisations.
  • ULO3: Explain how Information Systems audit objectives provide effective Information Systems Governance
  • ULO4: Evaluate and explain Information Systems audit tools and techniques.
  • ULO5: Construct a critical synthesised evaluation of and response to Information Systems audit risk assessments.

General Assessment Information

Late Assessments / Special Consideration

Unless a Special Consideration request has been submitted and approved, a 5% penalty (of the total possible mark) will be applied each day a written assessment is not submitted, up until the 7th day (including weekends). After the 7th day, a grade of ‘0’ will be awarded even if the assessment is submitted. Submission time for all written assessments is set at 11.55pm. A 1-hour grace period is provided to students who experience a technical concern.   

 

For any late submissions of time-sensitive tasks, such as scheduled tests/exams, performance assessments/presentations, and/or scheduled practical assessments/labs, students need to submit an application for Special Consideration. 

Special Consideration

To request an extension on the due date/time for a timed or non-timed assessment task, you must submit a Special Consideration application. An application for Special Consideration does not guarantee approval.

The approved extension date for a student becomes the new due date for that student. The late submission penalties above then apply as of the new due date.

Assessment Tasks

Name Weighting Hurdle Due
Assessed Coursework 30% No Weeks 4 / 6 / 8 / 10 / 12
Case Study 30% No Week 7
Final Exam 40% No Exam Period

Assessed Coursework

Assessment Type 1: Participatory task
Indicative Time on Task 2: 25 hours
Due: Weeks 4 / 6 / 8 / 10 / 12
Weighting: 30%

 

Each activity will be undertaken in the timeframe allocated during the tutorials and must be submitted at the end of tutorial by each student. Each activity is worth 10%. There will be 3 in-class tasks for this assessment during 3 random weeks of the session (between weeks 3 to 12). The task will take the form of a group discussion (5-6 students per group) followed by each student completing the assessment task individually.

 


On successful completion you will be able to:
  • Evaluate and demonstrate the importance of Information Systems Audit for Information Systems Governance for organisations
  • Assess Information Systems risks and controls and their implications for organisations.
  • Explain how Information Systems audit objectives provide effective Information Systems Governance
  • Evaluate and explain Information Systems audit tools and techniques.

Case Study

Assessment Type 1: Case study/analysis
Indicative Time on Task 2: 25 hours
Due: Week 7
Weighting: 30%

 

Students are required to prepare an Information Systems audit report. Full details of the assignment (assignment objectives, question material, requirements, etc) will be made available through the unit’s iLearn.

 


On successful completion you will be able to:
  • Evaluate and demonstrate the importance of Information Systems Audit for Information Systems Governance for organisations
  • Assess Information Systems risks and controls and their implications for organisations.
  • Explain how Information Systems audit objectives provide effective Information Systems Governance
  • Evaluate and explain Information Systems audit tools and techniques.
  • Construct a critical synthesised evaluation of and response to Information Systems audit risk assessments.

Final Exam

Assessment Type 1: Examination
Indicative Time on Task 2: 40 hours
Due: Exam Period
Weighting: 40%

 

A 2.5 hour (plus 10 minutes reading time) examination will be held during the University Examination Period. The final exam is designed to let students demonstrate the knowledge and skills they have attained during the session.

 


On successful completion you will be able to:
  • Evaluate and demonstrate the importance of Information Systems Audit for Information Systems Governance for organisations
  • Assess Information Systems risks and controls and their implications for organisations.
  • Explain how Information Systems audit objectives provide effective Information Systems Governance
  • Evaluate and explain Information Systems audit tools and techniques.
  • Construct a critical synthesised evaluation of and response to Information Systems audit risk assessments.

1 If you need help with your assignment, please contact:

  • the academic teaching staff in your unit for guidance in understanding or completing this type of assessment
  • the Writing Centre for academic skills support.

2 Indicative time-on-task is an estimate of the time required for completion of the assessment task and is subject to individual variation

Delivery and Resources

Teaching and Learning Strategy

ACCG3058 is taught via lectures (Live in class - recorded by Echo) and tutorials (Live on campus OR Live via Zoom - check timetables.mq.edu.au for which classes are on campus and which are online. NB. You cannot mix modes).

Lectures are used to introduce new material, give examples of IS Audit and Assurance and put them in a wider context.

Tutorials are small group classes which give you the opportunity to interact with your peers and with a tutor who has a sound knowledge of the subject. This also gives you a chance to practice your soft skills. NB. For this semester for ACCG3058, tutorials start in week 2 and the Lectures start in week 1.

You have many opportunities to seek for and to receive feedback. During lectures, you are encouraged to ask the lecturer questions to clarify anything you might not be sure of. 

Each week you should:

  • Attend live lectures, take notes, ask questions
  • Attend your tutorials and seek feedback from your tutor on your work
  • Read assigned reading material, add to your notes and prepare questions for your lecturer or tutor
  • Start working on any assessments immediately after they have been released.

Lecture notes are made available each week but these notes are intended as an outline of the lecture only and are not a substitute for your own notes or reading additional material.

Classes

Each week you should attend 1.5 hours of live lectures , and a 1.5 hour tutorial class (on campus OR online via Zoom)

Please note that you are required to submit a certain number of assessments. Failure to do so may result in you failing the unit.

 

Textbook

It recommended to access to the following textbook(s):

Information Assurance Handbook 1e, Authors Corey Schou and Steven Hernandez, ISBN: 9781307383300

https://www.mheducation.com.au/9781307383300-aus-ebook-information-assurance-handbook-1e

Some copies of the text may also be available through the reserved section in the library. The content of this text forms the foundation of the unit, but material to be considered (and examined) will go beyond text content.

Technology used

iLearn: This unit will use iLearn as an online technology for students to access course material, announcements as well as any other documents related to this unit. Students are required to regularly check the iLearn for accessing up-to-dated information about the unit.

Echo is a multi-media learning tool that provides an audio of the lectures which students can download and listen to at their convenience. Echo will be made available at the end of each week via the unit’s website (iLearn).

Expectations and Workload

Students are expected to spend 150 hours working on this unit. As a guide a student should spend these approximate amounts of time on each of the following activities:

Tasks

Expected workload (hours)

Assessed coursework

35

IS Audit Report

50

Final Exam

65

Total

150

 

 

Unit Schedule

Class / Week 

Topic

Chapter

Tutorial

1

The Need for Information Security

1 & 2

No tutorial in week 1

2

Assets, Threats, Vulnerabilities, Risks, and Controls

3

Practice Assessment

3

Information Security management System

5

Prep Week

4

Planning for Security

6

Presentation Week

5

Asset Management /

Information Security Risk Management

9 & 10

Prep Week

6

Information Security in System Development / Physical and Environmental Security Controls

14 & 15

Presentation Week

 

7

Information Security Awareness, Training, and Education

/ Preventive Tools and Techniques

16 & 17

Prep Week

Report Due

8

Information Security Incident Handling

21

Presentation Week

9

Computer Forensics

22

Prep Week

10

Business Continuity

23

Presentation Week

11

Audits variations Small / Medium / Large Corps

 

Prep Week

12

Certification options / Guest Lecturer

 

Presentation Week

13

Final Exam Revision

 

Wrap Up tutorial

Policies and Procedures

Macquarie University policies and procedures are accessible from Policy Central (https://policies.mq.edu.au). Students should be aware of the following policies in particular with regard to Learning and Teaching:

Students seeking more policy resources can visit Student Policies (https://students.mq.edu.au/support/study/policies). It is your one-stop-shop for the key policies you need to know about throughout your undergraduate student journey.

To find other policies relating to Teaching and Learning, visit Policy Central (https://policies.mq.edu.au) and use the search tool.

Student Code of Conduct

Macquarie University students have a responsibility to be familiar with the Student Code of Conduct: https://students.mq.edu.au/admin/other-resources/student-conduct

Results

Results published on platform other than eStudent, (eg. iLearn, Coursera etc.) or released directly by your Unit Convenor, are not confirmed as they are subject to final approval by the University. Once approved, final results will be sent to your student email address and will be made available in eStudent. For more information visit ask.mq.edu.au or if you are a Global MBA student contact globalmba.support@mq.edu.au

Academic Integrity

At Macquarie, we believe academic integrity – honesty, respect, trust, responsibility, fairness and courage – is at the core of learning, teaching and research. We recognise that meeting the expectations required to complete your assessments can be challenging. So, we offer you a range of resources and services to help you reach your potential, including free online writing and maths support, academic skills development and wellbeing consultations.

Student Support

Macquarie University provides a range of support services for students. For details, visit http://students.mq.edu.au/support/

The Writing Centre

The Writing Centre provides resources to develop your English language proficiency, academic writing, and communication skills.

The Library provides online and face to face support to help you find and use relevant information resources. 

Student Services and Support

Macquarie University offers a range of Student Support Services including:

Student Enquiries

Got a question? Ask us via AskMQ, or contact Service Connect.

IT Help

For help with University computer systems and technology, visit http://www.mq.edu.au/about_us/offices_and_units/information_technology/help/

When using the University's IT, you must adhere to the Acceptable Use of IT Resources Policy. The policy applies to all who connect to the MQ network including students.

 

 

Changes from Previous Offering

Updated Lecture Cases

Updated tutorials

New Report

Research & Practice, Global & Sustainability

This unit addresses global and sustainability issues as direct areas of study and as necessary implications arising from the materials, assessment and academic discussion and debate in classes/seminars. We promote sustainability by developing ability in students to research and locate information within accounting discipline. We aim to provide students with an opportunity to obtain skills which will benefit them throughout their career. The unit materials have a reference list at the end of each chapter/module/text containing all references cited by the author. These provide some guidance to references that could be used to research particular issues.

 

Changes since First Published

Date Description
03/02/2023 Adjusted the information for Study Load.

Unit information based on version 2023.01 of the Handbook