Opportunities to Integrate Technology Into the Classroom. Presented by:

Similar documents
Business Process Design and Internal Audit UNIVERSITY OF TEXAS AT DALLAS Course Syllabus Spring 2005

Table of Contents. Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING

Learning with the IIA Refreshing the profession: The New Internal Auditor. Jan Olivier 6 February 2019

Article II - Standards Section V - Continuing Education Requirements

CCSA, CFSA, CGAP Transition FAQs

The CIA Challenge Exam. August 2018

Computing Accreditation Commission Version 2.0 CRITERIA FOR ACCREDITING COMPUTING PROGRAMS

Major Program Selection Information. Information Systems An enriching path of study and career

INCREASE YOUR CHANCES OF PASSING THE CIA EXAM

NEW JERSEY INSTITUTE OF TECHNOLOGY. Initiation of Cyber Defense Option. for the Master of Science in

CRITERIA FOR ACCREDITING COMPUTING PROGRAMS

MIS 5201 IT Audit Process Syllabus. Spring :30 pm 8:30 pm, Every Monday starting 1/22/2017 (Ref. to Schedule Section below for details)

COPYRIGHTED MATERIAL. Index

Major Program Selection Information. Information Systems An enriching path of study and career

Exploring Emerging Cyber Attest Requirements

2018 CALENDAR OF ACTIVITIES

CISA EXAM PREPARATION - Weekend Program

A Global Look at IT Audit Best Practices

Memphis Chapter. President s Message. This annual event is designed to provide students with a

Auditing and assurance

Accounting Major (Last Revised 03/2019)

RISK MANAGEMENT Education and Certification

Exam Requirements v4.1

Accounting Major (Last Revised 2/2018)

Overview of ABET Kent Hamlin Director Institute of Nuclear Power Operations Commissioner TAC of ABET

The fast track to top skills and top jobs in cyber. Guaranteed.

We would like to announce to you a number of upcoming changes to the Certified Internal Auditor Exam:

How to Become a CMA (Certified Management Accountant) May 10, 2017

Certification. What: Who: Where:

The Integrated Auditor: Becoming the Go-to Resource Your Company Needs APRIL 24, 2018

ERO Compliance Enforcement Authority Staff Training

Cybersecurity & Privacy Enhancements

INTERNAL CONTROL, CORPORATE GOVERNANCE AND RISK MANAGEMENT

Guide To Internal Auditing Iatf Store

Integrated Assurance Embracing The Three Lines of Defense

ISACA Enterprise. Solutions and Resources

Risk Based IT Auditing Master Class. Unlocking your World to a Sea of Opportunities

IS Audit and Assurance Guideline 2002 Organisational Independence

Seminar Marketing Toolkit - Orlando

HYDERABAD CHAPTER OF ISACA FIFTEENTH ANNUAL REPORT

ISACA Cincinnati Chapter March Meeting

ACCOUNTING. Iowa State University

Syllabus Course: MIS Foundation of Information Systems Fall Semester, Credit Hours

Updated Frequently Asked Questions (FAQ) on Revision of ZICA Accountancy Programme

WHICH SOC REPORT IS RIGHT FOR YOUR CLIENT?

Tools & Techniques I: New Internal Auditor

ISO LEAD AUDITOR TRAINING

MIS5205 IT Service Delivery and Support Fall 2016

2018 IT Academy Program. December 2017

Certified Information Systems Auditor Training and Certification

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018

2016 Global Council. Celebrating the Past Inspiring the Future. globaliia.org

Cia Part 3 Study Guide Uscitp

CPA Exam and Licensure Information and FAQs

Tips to Successfully Passing the GRC Professional Certification Exam

ALABAMA STATE BOARD OF PUBLIC ACCOUNTANCY ADMINISTRATIVE CODE

Building the Cybersecurity Workforce. November 2017

SSAE 18 & new SOC approach to compliance. Moderator Name: Patricio Garcia Managing Partner ControlCase Attestation Services

Health Education Community Health Education

Brink s Modern Internal Auditing. Eighth Edition

COBIT 5 Foundation Certification Training Course - Brochure

Preparing for the CPA Exam October 24, 2017

Hong Kong Institute of Certified Public Accountants Practising Certificate ("PC") Business Assurance

Become an IIA Exam Author!

OF ACCOUNTANTS IAASB CAG MEETING MARCH 7, 2011

BACHELOR OF SCIENCE IN INFORMATION TECHNOLOGY

Course Syllabus MIS Foundation of Information Systems Spring Semester, Credit Hours

ITIL v3. Qualification & Certification scheme. itsmf International The IT Service Management Forum 1

Course Syllabus MIS Foundation of Information Systems Spring Semester, Credit Hours. (Last updated: 1/16/2016)

Present. 5th May - Chennai. Internal. auditing. today: Beginning Auditor Tools and Techniques. 6 CPE hours.

ALABAMA STATE BOARD OF PUBLIC ACCOUNTANCY ADMINISTRATIVE CODE

Lahore University of Management Sciences. ACCT 250 Auditing Spring Semester 2018

Course Syllabus MIS Foundation of Information Systems Spring Semester, Credit Hours

Citation for published version (APA): Berthing, H. H. (2014). Vision for IT Audit Abstract from Nordic ISACA Conference 2014, Oslo, Norway.

building for my Future 2013 Certification

STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA FAYETTEVILLE STATE UNIVERSITY

Janice Sipior, Villanova Joe Valacich, Washington State. Panelists:

Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m.

KENYA SCHOOL OF GOVERNMENT EMPLOYMENT OPORTUNITY (EXTERNAL ADVERTISEMENT)

Professional Certifications

Maintenance of Competency; Continuing Professional Education (CPE)

BOARD OF REGENTS ACADEMIC AFFAIRS COMMITTEE 4 STATE OF IOWA SEPTEMBER 12-13, 2018

Standard Course Outline IS 656 Information Systems Security and Assurance

FOUNDATIONS OF INFORMATION SYSTEMS MIS 2749 COURSE SYLLABUS Fall, Course Title and Description

ITSY Information Technology Security Course Syllabus Spring 2018

SOC 2 examinations and SOC for Cybersecurity examinations: Understanding the key distinctions

Volume 2014, Number 4. Volunteers Needed!

Accounting Ethics and Auditing

CPA (U) COURSE 2014/2015

Taking the Mystery Out of Counting CPE. Opening Remarks

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

CPA National Accreditation Standards for the ACAF Program and Applied Courses. Effective: May 19, 2017

ACCOUNTING (ACCT) Kent State University Catalog

I am pleased to confirm that the following exemptions will be granted to your Bachelor of Accounting (Hons) graduates.

Administrative Directive No. 4: 2011 Continuing Professional Education Requirements for All Certification Programs

BSc/MSci Professional Accounting in Business Programme Structure

HITRUST CSF: One Framework

DoD Financial Management Certification Program

M.S. IN INFORMATION ASSURANCE MAJOR: CYBERSECURITY. Graduate Program

Continuing Professional Education Policy: Requirements for Certification and Qualification Programs. (formerly known as Administrative Directive #4)

Transcription:

Opportunities to Integrate Technology Into the Classroom Presented by: Mark Salamasick, CIA, CISA, CRMA, CSP Executive Director of Audit University of Texas System

Discussion Topics Internal Audit Textbook Update First Internal Audit Class and Technology Approach to IT Audit Class Data Analytics Cybersecurity Program Questions 2

Internal Auditing: Assurance & Advisory Services, Fourth Edition

Revision History First Edition July 2007 Second Edition October 2009 Third Edition April 2013 Fourth Edition April 2017

Textbook Chapters Chapter 1: Introduction to Internal Auditing Chapter 2: The International Professional Practices Framework Chapter 3: Governance Chapter 4: Risk Management Chapter 5: Business Processes and Risk Chapter 6: Internal Control Chapter 7: Information Technology Risks and Controls Chapter 8: Risk of Fraud and Illegal Acts Chapter 9: Managing the Internal Audit Function Chapter 10: Audit Evidence & Workpapers Chapter 11: Data Analytics and Audit Sampling Chapter 12: Introduction to the Engagement Process Chapter 13: Conducting the Assurance Engagement Chapter 14: Communicating Assurance Engagement Outcomes Chapter 15: The Consulting Engagement Download the Table of Contents Below IA 4th Edition TOC.pdf

Case Studies Case Study 1: Auditing Entity-wide Controls Case Study 2: Auditing the Compliance and Ethics Program Case Study 3: Performing a Blended Consulting Engagement

Textbook Product Integration Check out the resources here: www.theiia.org/iatextbook ACL Idea KnowledgeLeader TeamMate +

Significant Updates-3 rd Edition Integration of TeamMate and TeamMate Case Studies Addition of Value Proposition COSO Internal Control 2013 Updates to Standards, Implementation Guides, and Practice Guides(19 GTAGs) Inclusion of 3 Lines of Defense New material on Risk Management New technologies(i.e., cloud computing, smartphones) Expansion on Audit Management including combined assurance

Internal Auditing: Assurance & Advisory Services, 4th Edition What s new in the 4th Edition? TeamMate + and TeamMate Analytics an award-winning audit management system, has been integrated throughout the applicable textbook chapters. Specific case studies have been developed and are embedded at the end of chapter material to introduce the ways that TeamMate + can be used to streamline internal audit processes. Streamlined for student online access. Introduction of the KnowledgeLeader with case studies throughout the text. Access available to all faculty and students. Expanded instructor materials with 100 sample multiple choice questions, sample exam, along with expanded PowerPoint slides. Published by The Internal Audit Foundation Instructors interested in ordering a desk copy may contact The IIA Bookstore, powered by the Internal Audit Foundation, by email at iiatextbook@theiia.org. Requests are limited to one per instructor and two per institution.

Significant Updates 4th Edition IPPF updates including Standards Internal Audit New Mission Statement Expansion of COSO Framework 2013 New Fraud Risk Management Guide Current Technology including Cybersecurity focus Data analytics added to Audit Sampling Chapter Integration of Protiviti KnowledgeLeader throughout TeamMate Hosting streamlined process Online distribution of material versus CD Expanded instructor material

for Universities Internal Auditing: Assurance & Consulting Services, Fourth Edition with TeamMate

Polling Question #2 Are you using TeamMate+ in the Internal Audit course this semester? Do you plan on using TeamMate+ sometime in the future?

How To Order The Textbook Instructors interested in ordering a desk copy may download and submit the Textbook 4th Edition Desk Copy Request Form. Requests are limited to one per instructor and two per institution. ISBN-13: 978-0-89413-987-1 For further information and Access to Instructor Material, contact iiatextbook@theiia.org https://bookstore.theiia.org/internal-auditing-assuranceadvisory-services-fourth-edition-instructors

Internal Audit Class and Technology Options How much do you have time for? Chapter on IT Audit Chapter 7 Chapter on Data Analytics Chapter 11 (Focus on Audit Data Analytics Strategies) TeamMate Integration Hands on Technology (IDEA, ACL, TeamMate Analytics)

On to Technology.

Level of IT Understanding Business Auditors IT Auditors

What to call the a separate IT Audit class? Computer Audit Information System Audit Information Technology Audit Information Technology Audit and Risk Management Computer Audit and System Security: Compliance and Advisory Perspective 17

Course Objectives Prepare students to have a meaningful career as an IT Auditor: Technical Knowledge Analytical Ability Communication Skills Interpersonal Skills Pass professional certification exams CISA exams, CPA, and CIA.

What does a University IT Audit and Risk Management Course Objectives look like? 1. Be able to identify key information technology risks and how to mitigate those risks. 2. Be able to develop a control checklist and key audit steps related to technology risks. 3. Be able to distinguish key user technology risks and controls. 4. Be able identify the key content areas and have knowledge of all areas covered by the Certified Information Systems Audit (CISA) exam. 5. Identify sources for research of technology risks and apply those techniques to an overall research paper. 6. Learn those areas of technology risks that are currently of most concern to the IIA, AICPA, and ISACA. 7. Be able to distinguish and evaluate key application controls along with auditing of application controls. 8. Identify and evaluate risks in an e-business environment. 9. Understand how to adapt audit coverage to areas of advanced and emerging technologies. 19

First Day of Class Demystifying IT Audit Profile of class Certified Information Systems Auditor(CISA) possibility Encourage local ISACA participation 20

Definition of Information Technology Audit An information technology audit, or information systems audit, is an examination of the management controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives. 21

Some Reasonable Objectives for All Auditors Understand how technology fits into the overall business processes and its impact. Describe key risks and control techniques introduced by technology. Articulate the relationship between business transaction processing risks introduced by information technology risks. Find and interpret the leading sources of information related to technology control frameworks. Determine the significant technology issues to be considered as part of the review of a business unit. Integrate application controls as part of business unit audits. Understand the emerging technology risk issues.

Technology and Audit Infrastructure Audit Integrated Audit Use of Technology as Tool Audit Automation Data Analytics 23

Big Three Technology Risk Categories Information Security Business Continuity Change Management 24

Sample Syllabus

Chapter 7: Information Technology Risks and Controls 17 GTAGs published GTAG: IT Controls (Published in Mar 2005) 2 nd EDITION MARCH 2012 GTAG: Change and Patch Management Controls (Published in June 2005) 2 nd EDITION MARCH 2012 GTAG: Continuous Auditing (Published in Oct 2005) Update Coming Soon GTAG: Management of IT Auditing (Published in Mar 2006) 2 nd EDITION January 2013 GTAG: Information Technology Outsourcing (Published in Mar 2007) GTAG: Auditing Application Controls (Published in July 2007) 26

Chapter 7: Information Technology Risks and Controls GTAG: Identity and Access Management (Published in July 2007) GTAG: Auditing User Developed Applications (Published in June 2010) GTAG: Developing the IT Audit Plan (Published in July 2008) 17 GTAGs published GTAG: Auditing IT Projects (Published in March 2009) GTAG: Fraud Detection and Prevention in an Automated World (Published in December 2009) 27

Chapter 7: Information Technology Risks and Controls GTAG: Information Security Governance (Published in July 2010) 17 GTAGS published GTAG: Auditing Smart Devices (August 2016) GTAG: Data Analysis Technologies (Published in August 2011) GTAG: Assessing Cybersecurity Risk (September 2016) GTAG: Auditing IT Governance (Published in July 2012) GTAG: Understanding and Auditing Big Data (May 2017) 28

What Every Business Auditor Should Understand Related to IT Controls Global Technology Auditing Guide 1-2 nd Edition 29

Model IT Controls Curriculum IIA The IIA s Global Model Internal Audit Curriculum IT Auditing course Integrated - 2012 Schools recognized as part of IAEP https://na.theiia.org/about-us/aboutia/pages/participating-iaep-programschools.aspx ISACA Model Curriculum - 2012 http://www.isaca.org/knowledge- Center/Academia/Pages/Programs-Aligned- with-model-curriculum-for-is-audit-and- Control.aspx

ISACA - Cobit 5-Another Approach 31

Example of Case Studies Exploring technology risk and IT audit Business tied to technology risk Social Media Experiential Learning

Certified Information Systems Auditor (CISA) Exam One part exam Exam three testing windows Integrate topics into class Provide access to local CISA review if available Improves student career potential immediately 33

Next Steps If you are teaching an IT Audit and Risk Management courses Great! Take advantage of various case studies Utilize resources available from the IIA and ISACA Cross list course Accounting and MIS Become a program recognized by ISACA 34

Use Of Technology As A Tool 35

A couple of Different Approach s to Audit Analytics - Integrate into Courses - Internal Audit/Operational Audit Course - Financial Audit Class - IT Audit Course - Other Courses - Separate Course in Audit Analytics - Course or Program in Data Analytics in MIS Program 36

Sample Course Syllabus

Cybersecurity Certificate Program Developed to meet the increasing need of risk management and technical personnel in the area of cybersecurity Joint program with business school and computer science engineering Program at the graduate level Individuals receive Certificate in Cybersecurity systems (CCSS) All students would take this core Cybersecurity Fundamentals course

Cyber Security Tracks Computer Science Track Cyber Security with Computer Science Emphasis Choose three (3) courses from: Information Security (CS 6324) Network Security (CS 6349) Data/App Security (CS 6348) One approved CS Elective in Cyber Security Systems Engineering Track Cyber Security with Systems Engineering Emphasis Choose three (3) courses from: Systems Engineering (SYSM 6301) CS 6324 or MIS 6330 One approved Cyber Security course from CS, IA, or IM track Students take a total of four courses (12 credit hours) consisting of one common fundamentals course and three other courses in one of four specified Tracks Certificate in Cyber Security Systems Cyber Security Fundamentals (course taken by all students) Remaining courses taken within a selected Track Track #1: Computer Science (CS) Track #2: Systems Engineering (SYSE) Track #3: Internal Audit (IA) Track #4: Information Management (IM) Internal Audit Track Cyber Security with Internal Audit Emphasis Take the following courses: IT Security (MIS 6330) Internal Audit (ACCT 6380) IT Audit & Risk Management (ACCT 6336) Information Management Track Cyber Security with Information Management Emphasis Take the following courses: IT Security (MIS 6330) Cloud Computing (MIS 6363) IT Audit & Risk Management (ACCT 6336)

Contact Information Mark Salamasick Executive Director of Audit The University of Texas System (512) 499-4535 msalamasick@utsystem.edu

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback