Program Studi Informatika - Fakultas Ilmu Komputer Universitas Bina Darma SAP IT Audit
SYLLABUS FORM
ISO 9001 : 2000
Written by
1.
2.
3.
4.
5.
6.
Faculty
Study Program
Subject
Subject Code
Pra requirement Subject
Subject Status
Description
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
Checked by
Approved by
Syahril Rizal, S.T., M.M., M.Kom.
M. Izman Herdiansyah, S.T, M.M., M.Kom.
Valid date
: Computer Science
: Information Technology
Grade : S1 Degree
: Audit IT
:
:
:
: This subject allows students to acquire, in pedagogic terms, the basic core knowledge of the field of Information Systems Audit and
Control, the audit process and the protection of information, consistent with the ISACA Model Curriculum (Note 1), and to develop, in
pragmatic terms, the necessary background and skills needed to enter the Information Systems Audit and Control profession (Note 2).
This course aims to:
8. Competencies
:
9. Weekly Learning Process Implementation :
SYLLABUS FORM
ISO 9001 : 2000
No
1
Topic/ Learning Materials
Chapter 1
Overview of Information System Audit
Chapter 2
Conducting an Information Systems Audit
2
Chapter 3
Top Management Controls
Chapter 4
System Development Management
Controls
-
Sub Topic
Need for Control and Audit of Computers
Effects of Computers on Internal Controls
Effects of Computers on Auditing
Foundations of Information Systems Auditing
-
The Nature of Controls
Dealing with Complexity
Audit Risks
Types of Audit Procedures
Overview of Steps in an Audit
Auditing Around or Through the Computer
Evaluating the Planning Function
Evaluating the Organizing Function
Evaluating the Leading Function
Evaluating the Controlling Function
-
Approaches to Auditing Systems Development
Normative Models of the Systems Development
Process
Evaluating the Major Phases in the Systems
Development process
Appendix 4.1 Techniques for studying the Existing
System : Structured Analysis
Appendix 4.2 Techniques for studying the Existing
System : Object-Oriented Analysis
Appendix 4.3 Entity-Relationship Modeling
Appendix 4.4 Normalization
-
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
-
Sumber Pustaka
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Gondodiyoto, Sanyoto. 2009.
Pengelolaan Fungsi Audit Sistem
informasi. Jakarta : Mitra Wacana Media
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
Information
SYLLABUS FORM
ISO 9001 : 2000
3
Chapter 5
Programming Management Controls
-
Chapter 6
Data Resource Management Controls
4
Chapter 7
Security Management Controls
Chapter 8
Operations Management Controls
5
Chapter 9
The Program Development Life Cycle
Organizing the Programming Team
Managing the System Programming Group
Appendix 5.1 Techniques for program Design :
Functional Decomposition
Appendix 5.2 Techniques for Program Design : Data
Flow Design
Appendix 5.3 Techniques for Program Design : Data
Structure Design
Appendix 5.4 Techniques for Program Design :
Object-Oriented Design
-
Motivations Toward the DA and DBA Roles
Functions of the DA and DBA
Some Organizational Issues
Data Repository Systems
Control over the DA and DBA
Conducting a Security Program
Major Security Threats and Remedial Measures
Controls of Last Resort
Some Organizational Issues
-
Computer Operations
Network Operations
Data Preparation and Entry
Production Control
File Library
Documentation and Program Library
Help Desk / Technical Support
Capacity Planning and Performance Monitoring
Management of Outsourced Operations
Motivations Toward the QA Role
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
SYLLABUS FORM
ISO 9001 : 2000
8
Quality Assurance Management Controls
-
QA Functions
Organizational Considerations
Relationship Between Quality Assurance and Auditing
Chapter 10
Boundary Controls
-
Cryptographic Controls
Access Controls
Personal identification Numbers
Digital Signatures
Plastic Cards
Audit Trail Controls
Existence Controls
Data Input Methods
Source Document Design
Data-entry Screen Design
Data Code Controls
Check Digits
Batch Controls
Validation of Data Input
Instruction Input
Validation of Instruction Input
Audit Trail Controls
Existence Controls
-
Communication Subsystem Exposures
Physical Component Controls
Line Error Controls
Flow Controls
Link Controls
Topological Controls
Channel Access Controls
Controls over Subversive Threats
Internetworking Controls
Chapter 11
Input Controls
Chapter 12
Communication Controls
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Gondodiyoto, Sanyoto. 2009.
Pengelolaan Fungsi Audit Sistem
informasi. Jakarta : Mitra Wacana Media
SYLLABUS FORM
ISO 9001 : 2000
7
Chapter 13
Processing Controls
Chapter 14
Database Controls
9
10
MID Test
Chapter 15
Output Controls
Chapter 16
Audit Software
- Communication Architectures and Controls
- Audit Trail Controls
- Existence Controls
- Processor Controls
- Real Memory Controls
- Virtual Memory Controls
- Operating System Integrity
- Application software Controls
- Audit Trail Controls
- Existence Controls
- Access Controls
- Integrity Controls
- Applications Software Controls
- Concurrency Controls
- Cryptographic Controls
- File Handling Controls
- Audit Trail Controls
- Existence Controls
exam
- Inference Controls
- Batch Output Production and Distribution Controls
- Batch Report Design Controls
- Online Output Production and Distribution Controls
- Audit Trail Controls
- Existence Controls
-
Generalized Audit Software
Industry-specific Audit Software
High-level Languages
Utility Software
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
SYLLABUS FORM
ISO 9001 : 2000
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
11
Chapter 17
Code Review, Test Data and Code
Comparison
Chapter 18
Concurrent Auditing Techniques
12
Chapter 19
Interviews, Questionnaires and Control
Flowcharts
Chapter 20
Performance Measurement Tools
13
Chapter 21
Evaluating Asset Safeguarding and Data
Integrity
Expert Systems
Neural Network Software
Specialized Audit Software
Other Audit Software
Control of Audit Software
- Where Do Program Defects Occur ?
- Program Source-code Review
- Test Data
- Program Code Comparison
Doc Number:
Basic Nature of Concurrent Auditing Techniques
Need for Concurrent Auditing Techniques
Types of Concurrent Auditing Techniques
Implementing Concurrent Auditing Techniques
Strengths / Limitations of Concurrent Auditing
Techniques
- Interviews
- Questionnaires
- Control Flowcharts
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
- The Objects of Measurement
- General Characteristics of Performance Measurement
Tools
- Types of Performance Meansurement Tools
- Presenting Performance Measurement Results
- Performance Measurement and Data Integrity
- Meansures of Asset Safeguarding and Data
Integrity
- Nature of the Global Evaluation Decision
- Determinants of Judgment Performance
- Audit Technology to Assist the Evaluation Decision
- Cost-effectiveness Considerations
SYLLABUS FORM
ISO 9001 : 2000
Chapter 22
Evaluating System Effectiveness
14
Chapter 23
Evaluating System Efficiency
15
Chapter 24
Managing the Information System Audit
Function
16
Final test
10. Evaluation
:
11. Reference
:
- Overview of the Effectiveness Evaluation Process
- A Model of Information System Effectiveness
- Evaluating System Quality
- Evaluating Information Quality
- Evaluating Perceived Usefulness
- Evaluating Perceived Ease of Use
- Evaluating Computer Self-efficacy
- Evaluating Information System use
- Evaluating Individual Impact
- Evaluating Information System Satisfaction
- Evaluating Organizational Impact
- The Evaluation Process
- Performance Indices
- Workload Models
- System Models
- Combining Workload and System Models
- Planning Function
- Organizing Function
- Staffing Function
- Leading Function
- Controlling Function
- Toward Information Systems Audit Professionalism
- Some Futures of Information Systems Auditing
Exam
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
-
Gondodiyoto, Sanyoto. 2009.
Pengelolaan Fungsi Audit Sistem
informasi. Jakarta : Mitra Wacana Media
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
SYLLABUS FORM
ISO 9001 : 2000
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
1.
Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice Hall
2.
Gondodiyoto, Sanyoto. 2009. Pengelolaan Fungsi Audit Sistem informasi. Jakarta : Mitra Wacana Media
ISO 9001 : 2000
Written by
1.
2.
3.
4.
5.
6.
Faculty
Study Program
Subject
Subject Code
Pra requirement Subject
Subject Status
Description
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
Checked by
Approved by
Syahril Rizal, S.T., M.M., M.Kom.
M. Izman Herdiansyah, S.T, M.M., M.Kom.
Valid date
: Computer Science
: Information Technology
Grade : S1 Degree
: Audit IT
:
:
:
: This subject allows students to acquire, in pedagogic terms, the basic core knowledge of the field of Information Systems Audit and
Control, the audit process and the protection of information, consistent with the ISACA Model Curriculum (Note 1), and to develop, in
pragmatic terms, the necessary background and skills needed to enter the Information Systems Audit and Control profession (Note 2).
This course aims to:
8. Competencies
:
9. Weekly Learning Process Implementation :
SYLLABUS FORM
ISO 9001 : 2000
No
1
Topic/ Learning Materials
Chapter 1
Overview of Information System Audit
Chapter 2
Conducting an Information Systems Audit
2
Chapter 3
Top Management Controls
Chapter 4
System Development Management
Controls
-
Sub Topic
Need for Control and Audit of Computers
Effects of Computers on Internal Controls
Effects of Computers on Auditing
Foundations of Information Systems Auditing
-
The Nature of Controls
Dealing with Complexity
Audit Risks
Types of Audit Procedures
Overview of Steps in an Audit
Auditing Around or Through the Computer
Evaluating the Planning Function
Evaluating the Organizing Function
Evaluating the Leading Function
Evaluating the Controlling Function
-
Approaches to Auditing Systems Development
Normative Models of the Systems Development
Process
Evaluating the Major Phases in the Systems
Development process
Appendix 4.1 Techniques for studying the Existing
System : Structured Analysis
Appendix 4.2 Techniques for studying the Existing
System : Object-Oriented Analysis
Appendix 4.3 Entity-Relationship Modeling
Appendix 4.4 Normalization
-
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
-
Sumber Pustaka
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Gondodiyoto, Sanyoto. 2009.
Pengelolaan Fungsi Audit Sistem
informasi. Jakarta : Mitra Wacana Media
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
Information
SYLLABUS FORM
ISO 9001 : 2000
3
Chapter 5
Programming Management Controls
-
Chapter 6
Data Resource Management Controls
4
Chapter 7
Security Management Controls
Chapter 8
Operations Management Controls
5
Chapter 9
The Program Development Life Cycle
Organizing the Programming Team
Managing the System Programming Group
Appendix 5.1 Techniques for program Design :
Functional Decomposition
Appendix 5.2 Techniques for Program Design : Data
Flow Design
Appendix 5.3 Techniques for Program Design : Data
Structure Design
Appendix 5.4 Techniques for Program Design :
Object-Oriented Design
-
Motivations Toward the DA and DBA Roles
Functions of the DA and DBA
Some Organizational Issues
Data Repository Systems
Control over the DA and DBA
Conducting a Security Program
Major Security Threats and Remedial Measures
Controls of Last Resort
Some Organizational Issues
-
Computer Operations
Network Operations
Data Preparation and Entry
Production Control
File Library
Documentation and Program Library
Help Desk / Technical Support
Capacity Planning and Performance Monitoring
Management of Outsourced Operations
Motivations Toward the QA Role
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
SYLLABUS FORM
ISO 9001 : 2000
8
Quality Assurance Management Controls
-
QA Functions
Organizational Considerations
Relationship Between Quality Assurance and Auditing
Chapter 10
Boundary Controls
-
Cryptographic Controls
Access Controls
Personal identification Numbers
Digital Signatures
Plastic Cards
Audit Trail Controls
Existence Controls
Data Input Methods
Source Document Design
Data-entry Screen Design
Data Code Controls
Check Digits
Batch Controls
Validation of Data Input
Instruction Input
Validation of Instruction Input
Audit Trail Controls
Existence Controls
-
Communication Subsystem Exposures
Physical Component Controls
Line Error Controls
Flow Controls
Link Controls
Topological Controls
Channel Access Controls
Controls over Subversive Threats
Internetworking Controls
Chapter 11
Input Controls
Chapter 12
Communication Controls
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Gondodiyoto, Sanyoto. 2009.
Pengelolaan Fungsi Audit Sistem
informasi. Jakarta : Mitra Wacana Media
SYLLABUS FORM
ISO 9001 : 2000
7
Chapter 13
Processing Controls
Chapter 14
Database Controls
9
10
MID Test
Chapter 15
Output Controls
Chapter 16
Audit Software
- Communication Architectures and Controls
- Audit Trail Controls
- Existence Controls
- Processor Controls
- Real Memory Controls
- Virtual Memory Controls
- Operating System Integrity
- Application software Controls
- Audit Trail Controls
- Existence Controls
- Access Controls
- Integrity Controls
- Applications Software Controls
- Concurrency Controls
- Cryptographic Controls
- File Handling Controls
- Audit Trail Controls
- Existence Controls
exam
- Inference Controls
- Batch Output Production and Distribution Controls
- Batch Report Design Controls
- Online Output Production and Distribution Controls
- Audit Trail Controls
- Existence Controls
-
Generalized Audit Software
Industry-specific Audit Software
High-level Languages
Utility Software
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
SYLLABUS FORM
ISO 9001 : 2000
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
11
Chapter 17
Code Review, Test Data and Code
Comparison
Chapter 18
Concurrent Auditing Techniques
12
Chapter 19
Interviews, Questionnaires and Control
Flowcharts
Chapter 20
Performance Measurement Tools
13
Chapter 21
Evaluating Asset Safeguarding and Data
Integrity
Expert Systems
Neural Network Software
Specialized Audit Software
Other Audit Software
Control of Audit Software
- Where Do Program Defects Occur ?
- Program Source-code Review
- Test Data
- Program Code Comparison
Doc Number:
Basic Nature of Concurrent Auditing Techniques
Need for Concurrent Auditing Techniques
Types of Concurrent Auditing Techniques
Implementing Concurrent Auditing Techniques
Strengths / Limitations of Concurrent Auditing
Techniques
- Interviews
- Questionnaires
- Control Flowcharts
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
- The Objects of Measurement
- General Characteristics of Performance Measurement
Tools
- Types of Performance Meansurement Tools
- Presenting Performance Measurement Results
- Performance Measurement and Data Integrity
- Meansures of Asset Safeguarding and Data
Integrity
- Nature of the Global Evaluation Decision
- Determinants of Judgment Performance
- Audit Technology to Assist the Evaluation Decision
- Cost-effectiveness Considerations
SYLLABUS FORM
ISO 9001 : 2000
Chapter 22
Evaluating System Effectiveness
14
Chapter 23
Evaluating System Efficiency
15
Chapter 24
Managing the Information System Audit
Function
16
Final test
10. Evaluation
:
11. Reference
:
- Overview of the Effectiveness Evaluation Process
- A Model of Information System Effectiveness
- Evaluating System Quality
- Evaluating Information Quality
- Evaluating Perceived Usefulness
- Evaluating Perceived Ease of Use
- Evaluating Computer Self-efficacy
- Evaluating Information System use
- Evaluating Individual Impact
- Evaluating Information System Satisfaction
- Evaluating Organizational Impact
- The Evaluation Process
- Performance Indices
- Workload Models
- System Models
- Combining Workload and System Models
- Planning Function
- Organizing Function
- Staffing Function
- Leading Function
- Controlling Function
- Toward Information Systems Audit Professionalism
- Some Futures of Information Systems Auditing
Exam
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
-
Gondodiyoto, Sanyoto. 2009.
Pengelolaan Fungsi Audit Sistem
informasi. Jakarta : Mitra Wacana Media
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
-
Weber, Ron. 1999. Information Systems
Control And Audit. New Jersey : Prentice
Hall
SYLLABUS FORM
ISO 9001 : 2000
Doc Number:
FRM/KUL/01/02
Revision Number:
03
Date apply
:
1 October 2008
ISO Clause
:
7.5.1 dan 7
1.
Weber, Ron. 1999. Information Systems Control And Audit. New Jersey : Prentice Hall
2.
Gondodiyoto, Sanyoto. 2009. Pengelolaan Fungsi Audit Sistem informasi. Jakarta : Mitra Wacana Media