Information Systems Auditing, Controls and Assurance

The Hong Kong University of Science and Technology

Information Systems Auditing, Controls and Assurance

Instructor: Garvin Percy DIAS

106,915 already enrolled

Included with Coursera Plus

Learn more

4 modules

Gain insight into a topic and learn the fundamentals.

4.7

(3,895 reviews)

Beginner level

No prior experience required

Flexible schedule

Approx. 8 hours

Learn at your own pace

98%

Most learners liked this course

4 modules

Gain insight into a topic and learn the fundamentals.

4.7

(3,895 reviews)

Beginner level

No prior experience required

Flexible schedule

Approx. 8 hours

Learn at your own pace

98%

Most learners liked this course

Skills you'll gain

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

5 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV

Share it on social media and in your performance review

There are 4 modules in this course

The course is awarded The Best Free Online Courses of All Time, and Best Online Courses of the Year (2021 Edition) by Class Central (http://www.classcentral.com).

--- Information systems (IS) are important assets to business organizations and are ubiquitous in our daily lives. With the latest IS technologies emerging, such as Big Data, FinTech, Virtual Banks, there are more concerns from the public on how organizations maintain systems’ integrity, such as data privacy, information security, the compliance to the government regulations. Management in organizations also need to be assured that systems work the way they expected. IS auditors play a crucial role in handling these issues. In the course “Information Systems Auditing, Controls and Assurance”, you will explore risks of information systems, and how to mitigate the risks by proper IS Controls. You will also get familiar with the IS Audit procedures and how they are applied during the IS development throughout the Systems Development Life Cycle (SDLC). Finally, you will get to observe how we can make the system changes more manageable using formal IS Management practices, such as Change Management Controls and Emergency Changes. The conversations between the course instructor - Prof. Percy Dias, and the IS auditing practitioner will give you a concrete idea on how IS auditors perform their duties, the qualities to become IS auditors and future prospects of IS auditing industry. This course is suitable for students and graduates from Information Systems, Information Technology and Computer Science, and IT practitioners who are interested to get into the IS auditing field. It is also a good starting point for learners who would like to pursue further studies for IS audit certifications – such as Certified Information Systems Auditor (CISA).

IS Auditing is related to risks, controls and assurance. In the first module, Prof. Dias introduces what risk is about. Getting deeper to risk, the 3-step risk management process is elaborated. To manage risks, controls need to be established. Prof. Dias also demonstrates with daily examples on what the controls are.

What's included

8 videos2 readings1 assignment

8 videosTotal 62 minutes

Course Overview4 minutesPreview module
1.1 Interview the Practitioner - Career Prospect of IS Auditors5 minutes
1.2 Introduction to Risk in Information System8 minutes
1.3 Risk Management Process 1- Risk Assessment8 minutes
1.4 Risk Management Process 2 - Risk Mitigation7 minutes
1.5 Risk Management Process 3 - Risk Re-evaluation3 minutes
1.6 Identify Internal Controls12 minutes
1.7 Internal Controls Examples11 minutes

2 readingsTotal 25 minutes

Grading Criteria5 minutes
Recent news of risks related to Information Systems20 minutes

1 assignmentTotal 40 minutes

Module 1 Quiz40 minutes

You may have heard of financial auditing, do you know the difference between IS auditing and financial auditing? You are going to explore more about IS auditing through the conversation between Prof. Dias and the IS audit practitioner. Prof. Dias then explains the general IS audit procedures and two major testings that IS auditors/compliance officers have to conduct. Prof. Dias also explains the procedure to obtain evidence in order to produce justified audit reports.

What's included

5 videos1 reading2 assignments

5 videosTotal 40 minutes

2.1 Interview the Practitioner - Financial Auditing vs IS Auditing?8 minutesPreview module
2.2 Interview the Practitioner - Qualities to become an IS auditor3 minutes
2.3 General IS Audit Procedures10 minutes
2.4 Compliance Testing and Substantive Testing9 minutes
2.5 Evidence8 minutes

1 readingTotal 20 minutes

ISACA Outlines Five Steps to Planning an Effective IS Audit Program 20 minutes

2 assignmentsTotal 60 minutes

Are some steps missing in the IS audit procedure of this company?20 minutes
Module 2 Quiz40 minutes

IT practitioners develop business applications following the Systems Development Life Cycle (SDLC). IS auditors are in place to ensure the controls are implemented to mitigate the risks of developing application systems throughout the SDLC. Prof. Dias is going to review what IT practitioners usually do, and further elaborate the role that IS auditors play in different phases of SDLC.

What's included

9 videos1 reading1 assignment

9 videosTotal 76 minutes

3.1 Feasibility and Requirements5 minutesPreview module
3.2 Design and Selection10 minutes
3.3 Development and Configuration5 minutes
3.4 Configuration - Input/Output Controls11 minutes
3.5 Implementation11 minutes
3.6 Case studies: System Changeover Scenarios4 minutes
3.7 Post-implementation Review8 minutes
3.8 Risks Associate with Application Development9 minutes
3.9 Role of IS Auditor in SDLC9 minutes

1 readingTotal 15 minutes

Introduction: What is business application development process / Systems Development Life Cycle (SDLC)?15 minutes

1 assignmentTotal 40 minutes

Module 3 Quiz40 minutes

Information systems seldom remain static, it is common for users to make change requests to add new features, or refine existing functions some time after the information system launches. Organizations should follow a formal procedure to make the changes in their systems manageable. Prof. Dias is going to give you an overview on the change management controls which organizations should follow. Different kinds of maintenance practices, and Emergency Controls are also discussed in this module. Finally, Percy's conversations with the IS audit practitioner give you better insights on the future development of IS audit and how IS audit support the newly emerged FinTech industry.

What's included

8 videos2 readings1 assignment

8 videosTotal 70 minutes

4.1 Information Systems Maintenance Practices10 minutesPreview module
4.2 IS Maintenance Practices Scenarios9 minutes
4.3 Change Management Process 110 minutes
4.4 Change Management Process 28 minutes
4.5 Emergency Changes10 minutes
4.6 Change Management Risk & Controls10 minutes
4.7 Insights - The future development of IS Auditing4 minutes
4.8 Insights - How does IS audit support FinTech companies?7 minutes

2 readingsTotal 25 minutes

More about different environments of an information system15 minutes
Take the post-course survey and rate this course!10 minutes

1 assignmentTotal 40 minutes

Module 4 Quiz40 minutes

Instructor

Instructor ratings

4.7 (1,559 ratings)

Garvin Percy DIAS

The Hong Kong University of Science and Technology

4 Courses121,855 learners

Offered by

The Hong Kong University of Science and Technology

Explore more from Security

Packt
Information Systems Auditing and Governance
Course
Packt
CISA: Certified Information Systems Auditor
Specialization
Packt
Systems Acquisition, Development and Implementation
Course
Packt
Governance and Management of IT
Course

Why people choose Coursera for their career

Felipe M.

Learner since 2018

"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."

Jennifer J.

Learner since 2020

"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."

Larry W.

Learner since 2021

"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."

Chaitanya A.

"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Learner reviews

4.7

3,895 reviews

5 stars
77.79%
4 stars
18.69%
3 stars
2.61%
2 stars
0.43%
1 star
0.46%

Showing 3 of 3895

Reviewed on Dec 28, 2020

Superb course, the instructor lecture and material is precise and concise. A worthwhile for any current and future IS auditor. Pity that I can only give 5 stars as the course deserve 10 stars rating!

Reviewed on Jan 31, 2022

A Great way to learn different skills . Wonderful course for those who are in the field of compliance and assurance . Change management and incident identification explained so neatly

Reviewed on Mar 14, 2021

This is my first completed course on Coursera. By far has been really insightful, though a bit more skewed to SDLC rather than IT Infrastructure which is my field. I enjoyed it. Thumbs up to Prof

View more reviews

New to Security? Start here.

Open new doors with Coursera Plus

Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Learn more

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Explore degrees

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Learn more

Frequently asked questions

Access to lectures and assignments depends on your type of enrollment. If you take a course in audit mode, you will be able to see most course materials for free. To access graded assignments and to earn a Certificate, you will need to purchase the Certificate experience, during or after your audit. If you don't see the audit option:

The course may not offer an audit option. You can try a Free Trial instead, or apply for Financial Aid.
The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile. If you only want to read and view the course content, you can audit the course for free.

You will be eligible for a full refund until two weeks after your payment date, or (for courses that have just launched) until two weeks after the first session of the course begins, whichever is later. You cannot receive a refund once you’ve earned a Course Certificate, even if you complete the course within the two-week refund period. See our full refund policy.