MCF8216 Information Technology Audit

Information Technology (IT) in today's business environment has a direct impact on a company's risk, and this relationship to risk should be an important driver in the internal audit process. IT performs or provides the information needed for many key controls in the business process, but it also brings inherent vulnerabilities. This course is intended to give students grounding on information technology audit controls, risks assessments and risk controls.

Course objective
This course aims to enable student to;

• Develop thorough understanding of internal controls required to ensure the effective and efficient operations of information technology
• Assess the information system to identify all the strong internal controls in place 
• Identify missing internal controls and its implications
• Assess, control risk, its effect on test of controls; and decision of overall audit approach based on results of test of controls.

Learning outcomes
By the end of the course, the learner will be able to:

• Identify characteristics of the IT environment,
• Identify the most common IT risks,
• Distinguish general IT controls from application controls
• Identify the components of the COBIT framework 
• Identify characteristics of an integrated IT/process audit