GBPP ST-RK-1.00-014-003/R- GARIS-GARIS BESAR PROGRAM PENGAJARAN PROGRAM STUDI: S1 SISTEM INFORMASI Semester : 7 Berlaku mulai: Gasal/2010 JUDUL MATA KULIAH : AUDIT TEKNOLOGI INFORMASI NOMOR KODE / SKS : 410103095 / 3 SKS PRASYARAT : - DESKRIPSI SINGKAT : Mata kuliah ini memberikan konsep audit TI yang hasilnya dapat memberikan perbaikan bagi organisasi. MANFAAT MATA KULIAH : TUJUAN INSTRUKSIONAL : Setelah mengikuti mata kuliah ini, mahasiswa dapat memahami konsep dan dasar audit TI yang hasilnya dapat memberikan perbaikan bagi organisasi. DAFTAR PUSTAKA : Wajib: 1. Senft, Sandra; Gallegos, Frederick., 2009. Information Technology Control and Audit. Third edition. Auerbach Publications 2. Davis, Chris., 2007. IT Auditing : using control to protect information assets. McGraw-Hill PROSENTASE PENILAIAN : UTS : 30 % UAS : 30 % TUGAS : tugas = 30%, quiz = 10% Halaman 1 dari 7
PERT TUJUAN INSTRUKSIONAL 1 Presents the IT environment A Foundation for today and discusses why issues IT Audit and involving IT control and audit are Control (1) so important. It briefly discusses what IT auditing involves and the development of guidance by a number of organizations worldwide to deal with IT control and auditability issues. Information integrity, reliability, and validity are extremely important in today s competitive business world 2 A Foundation for IT Audit and Control (2) SUB METODE ESTIMASI 1. Information Technology Environment: Why Are Controls And Audit Important? 2. Legal Environment and Its Impact on Information Technology 1. Audit and Review: Its Role in Information Technology 2. Audit Process in an Information Technology Environment Tugas 1 1 (h.3 h.17) 1 (h.21 h.43) 1 (h.47 h.68) 1 (h.75 h.97) 3 A Foundation for IT Audit and Control (3) 1. Auditing Information Technology Using Computer-Assisted Audit Tools and Techniques 1 (h.101 h.125) 4 A Foundation for IT Audit and Control (4) 1. Managing IT Audit 2. IT Auditing in the New Millennium Tugas 2 1 (h.129 h.149) 1 (h.155 h.173) Halaman 2 dari 7
PERT TUJUAN INSTRUKSIONAL 5 Describe the standards, frameworks, regulations, and risks that govern the scope of the audit function Frameworks, Standards, and Regulations SUB METODE ESTIMASI 1. COSO 2. CoBIT 3. ITIL 4. ISO Tugas Kelompok 1 2 (Chapter 13: Frameworks and Standards) 6 Describe the critical issues and best practices in governing and controlling IT resources. Key processes like project management and quality management ensure that investments made in IT deliver on their promised value Auditing IT Planning and Organization (1) 1. IT Governance 2. Strategy and Standards Tugas 3 1 (h.181 h.197) 1 (h. 203 h.223) 7 Course review 1. Course 1 7 2. Quiz - Quiz - 50-100 8 Describe the critical issues and best practices in governing and controlling IT resources. Key processes like project management and quality management ensure that investments made in IT deliver on their promised value Auditing IT Planning and Organization (2) 1. Risk Management 2. Process and Quality Management Tugas 4 1 (h.227 h.246) 1 (h.251 h.268) 9 Discusses risks and controls in terms of the life cycle of application systems. Specifically,it includes acquiring new systems, implementing new systems, and IT Acquisition and Implementation (1) 1. Software Development and Implementation 2. IT Sourcing 1 (h.325 h.345) 1 (h.351 h.370) Halaman 3 dari 7
PERT TUJUAN INSTRUKSIONAL applications risks, as well as change management. 10 IT Acquisition and Implementation (2) 11 Examines information technology (IT) general controls and managing service delivery. Computer applications operate within this environment and are very dependent on the general controls that protect the IT environment. Service management provides a framework for delivering quality IT services to the organization IT Delivery and Support (1) SUB METODE ESTIMASI 1. Application Controls and Maintenance 2. Change Management 1. Service Management 2. Security and Service Continuity 1 (h.375 h.394) 1 (h.399 h.419) Tugas 5 1 (h.429 h.446) 1 (h.467 h.484) 12 IT Delivery and Support (2) 13 1. Discusses the virtual environment where organizations operate today. The virtual environment is composed of a complex confi guration of clients, servers, and networks to function Virtual Environment and Virtual Security 1. System Management 2. Operations Management 1. Virtual Environment 2. Virtual Security 1 (h.489 h.507) 1 (h.511 h.526) Tugas 6 1 (h.533 h.554) 1 (h.559 h.577) 2 (Chapter 5: Auditing Switches, Halaman 4 dari 7
PERT TUJUAN INSTRUKSIONAL 2. Discussion of the security risks and controls inherent in a virtual environment. Internet security has had signifi cant impacts on businesses worldwide. The emergence of new and more dangerous types of attacks from cybercriminals continues to pose big challenges for businesses and security professionals SUB METODE ESTIMASI Routers, and Firewalls 2 (Chapter 11: Auditing WLAN and Mobile Devices) 14 Discusses the risks associated with doing business on the Internet and controls that help mitigate these risks. The complex nature of E-Commerce systems means that they are always at risk if they do not monitor internal and external security trends at all times E-Commerce 1. E-Commerce 2. Quiz - 100-50 Tugas Kelompok 2 1 (h.583 h.600) 2 (Chapter 5: Auditing Switches, Routers, and Firewalls Halaman 5 dari 7
Disahkan Oleh: Diperiksa Oleh: Dibuat Oleh: Helmy Widyantara, S.Kom., M.Eng Tutut Wurijanto, M.Kom Dra. Sulis Janu Hartati, MT Wakil Ketua I Kaprodi S1 Sistem Informasi Ketua Tim GBPP Halaman 6 dari 7