A detailed look and examination of the IT security audit and control process as well as risk assessment various tools and frameworks to conduct a system security audit and risk assessment. Various IT audit frameworks, government and non-government, will be covered. Legal and ethical aspects of IT auditing and risk assessment will be covered. The purpose of this course is to establish the exact status of an IT operation. Students will create an audit based control structure, establish systematic accounting and control procedures and build complete and coherent information assurance capability into the IT function. This will revolve around defining a control framework, the associated control objectives and the reporting system for an organization. Guidance for carrying this out will be provided in the form of expert models; including ISACA’s COBIT open standard, NIST 800-53A Assessing Security and Privacy Controls in Federal Information Systems and Organizations, and GAO Federal Information Systems Control Audit Methodology as well as the NIST Risk Management Framework The end product of this course is to prepare students for careers in Audit and Risk Assessment and advanced certifications such as ISACAs Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Controls (CRISC) and the Institute of Internal Auditors (IIA) Certified Internal Auditor (CIA).
CSC326
Upon completion of this course, students will be able to:
Specified on the course schedule/outline
| Letter Grade | Range | Definition |
|---|---|---|
| A | 90-100 | Excellent |
| B | 80-89 | Above Average |
| C | 70-79 | Average |
| D | 60-69 | Below Average |
| F | 0-59 | Failing |
| W | — | Withdrawal during weeks 1 - 7 |
| WF | — | Withdrawal failing after week 7 |
| NF | — | Failing – Not actively engaged |
For more details about the Grading System, please see the current catalog.
Students must be actively engaged in the course. For a definition of active engagement, please see the current catalog.
Cheating and plagiarism are serious offenses against the University’s academic integrity and are consequently strictly prohibited. All students must familiarize themselves with the University policy on Academic Integrity.
Penalties for cheating and plagiarism are described in the University policy on Academic Integrity in the catalog. They include failure of the assignment, failure for the course, or dismissal from the University. For the complete Cheating/Plagiarism policy, please see the current catalog.
Students who have disabilities that may impact their performance in this course should follow the process described under the heading Accommodations for the Disabled in the current catalog.
Date of last review: Unknown