SBM4302 IT Audit and Controls Workshop #7 statistical justification for rejection Convention on the Rights of the Child UNICEF C…

FIND A SOLUTION AT Academic Writers Bay

Page | 1Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College1-3 Fitzwilliam Street, Parramatta NSW 2150: 02-8319 2100PRV12007; CRICOS 03048DApproved: 21/9/2020 & Version 1.1Unit Code and Title: SBM4302 IT Audit and ControlsAssessment Information
Assessment Task
Weighting
Due
Length
ULO
Assessment 1: QuizQuiz covering lecture materials on a bi-weekly basis.
40%
Week 3,5, 7, 9
15 mins
ULO-1ULO-2ULO-3ULO-4
Assessment 2: ReportAn individual work pertaining to a real world IT audit report
30%
Week 5
2500 words
ULO-1ULO-2ULO-3ULO-4ULO-5
Assessment 3: Case StudyA group work that involves designing an audit work of anorganization’s IT functionalities
30%
Week 12
2500 words
ULO-1ULO-2ULO-3ULO-4ULO-5ULO-6ULO-7
Assessment DetailsPage | 2Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College1-3 Fitzwilliam Street, Parramatta NSW 2150: 02-8319 2100PRV12007; CRICOS 03048DApproved: 21/9/2020 & Version 1.1Assessment 1: Quiz
Due date:
Weeks 3, 5, 7, 9
Group/individual:
Individual
Word count / Time provided:
15 minutes
Weighting:
40%
Unit Learning Outcomes:
ULO-1, ULO-2, ULO-3, ULO-4
Assessment Details:This test will assess your knowledge of key content areas (on a bi-weekly basis). For successfulcompletion of the quiz, you are required to study the material provided (lecture slides, tutorials, andreading materials), engage in the unit’s activities, and in the discussion forums. The prescribedtextbook is the main reference along with the recommended reading material. By completing thisassessment successfully, you will be able to identify key aspects of IT Audit and controls.Marking Information: The quiz will be marked out of 100 and will be weighted 10% of the totalunit mark.Assessment 2: Report
Due date:
Week 5
Group/individual:
Individual
Word count / Time provided:
2500
Weighting:
30%
Unit Learning Outcomes:
ULO-1, ULO-2, ULO-3, ULO-4, ULO-5, ULO-6, ULO-7
Course Learning Outcomes:
CLO-1, CLO-6, CLO-8, CLO-9
Assessment Details:This assessment is designed to assess students’ ability to apply theoretical learning to practical, realworld situations. In this assessment students are given an IT audit report conducted by the office ofthe New South Wales Auditor General and asked to do the followings:• Identify the audit focus and scope• Describe high risk IT issues in the NSW city councils• Describe audit findings related to IT governance in the NSW city councils• Describe audit findings related to IT general controls in the NSW city councils• Describe audit findings related to cyber security management in the NSW city councils• Highlight the professional, legal, and ethical responsibilities of an IT auditor.In completing this assessment successfully, you will be able to learn how to analyse an IT audit report,learn relevant legislation, generally accepted auditing standards and ISACA’s CORBIT framework,which will help in achieving ULO1, ULO-2, ULO-3, ULO-4, ULO-5, ULO-6, and ULO-7.Page | 3Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College1-3 Fitzwilliam Street, Parramatta NSW 2150: 02-8319 2100PRV12007; CRICOS 03048DApproved: 21/9/2020 & Version 1.1Marking Criteria and Rubric: The assessment will be marked out of 100 and will be weighted 30%of the total unit mark
Marking Criteria
Not satisfactory(0-49%) of thecriterion mark)
Satisfactory(50-64%) of thecriterion mark
Good(65-74%) of thecriterion mark
Very Good(75-84%) of thecriterion mark
Excellent(85-100%) of thecriterion mark
Identify theaudit focus andscope of the givenaudit report(10 marks)
Inadequateidentification ofaudit focus andscope from thereport
Basic levelidentification ofaudit focus andscope from thereport
Moderate levelidentification ofaudit focus andscope from thereport
Accurateand detailedidentification ofaudit focus andscope
Displaysexceptional levelidentification ofaudit focus andscope
Describe high riskIT issues in theNSW city councils(20 marks)
Inadequatedescription of thehigh risk IT issues
Basic descriptionof the high risk ITissues
Moderate leveldescription of thehigh risk IT issues
Accurate anddetaileddescription of thehigh risk IT issues
Displaysexceptional leveldescription of thehigh risk IT issues
Describe auditfindings relatedto IT governancein the NSW citycouncils(20 marks)
Inadequatedescription of thefindings related toIT governance
Basic descriptionof the findingsrelated to ITgovernance
Moderate leveldescription of thefindings related toIT governance
Accurate anddetaileddescription of thefindings related toIT governance
Displaysexceptional leveldescription of thefindings related toIT governance
Describe auditfindings relatedto IT generalcontrols in theNSW city councils(20 marks)
Inadequatedescription of thefindings related toIT general controls
Basic descriptionof the findingsrelated to ITgeneral controls
Moderate leveldescription of thefindings related toIT general controls
Accurate anddetaileddescription of thefindings related toIT general controls
Displaysexceptional leveldescription of thefindings related toIT general controls
Describe auditfindings relatedto cyber securitymanagement inthe NSW citycouncils(20 marks)
Inadequatedescription of thefindings related tocyber securitymanagement
Basic descriptionof the findingsrelated to cybersecuritymanagement
Moderate leveldescription of thefindings related tocyber securitymanagement
Accurate anddetaileddescription of thefindings related tocyber securitymanagement
Displaysexceptional leveldescription of thefindings related tocyber securitymanagement
Page | 4Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College1-3 Fitzwilliam Street, Parramatta NSW 2150: 02-8319 2100PRV12007; CRICOS 03048DApproved: 21/9/2020 & Version 1.1
Describe anddiscuss theprofessional,legal, and ethicalresponsibilities ofan IT Auditor(10 marks)
Inadequateunderstanding ofthe professional,legal, and ethicalresponsibilities ofan IT Auditor;cannot discussconcepts in ownwords.
Basic knowledgeof theprofessional,legal, and ethicalresponsibilities ofan IT Auditor.
Exhibits breadthand depth ofunderstandingof theprofessional,legal, and ethicalresponsibilities ofan IT Auditor.
Exhibits accurateand detailedbreadth anddepth ofunderstandingprofessional,legal, and ethicalresponsibilities ofan IT Auditor.
Displaysexceptionalunderstanding ofconcepts and theirpracticalapplication of theprofessional,legal, and ethicalresponsibilities ofan IT Auditor
Assessment 3: Case Study
Due date:
Week 12
Group/individual:
Group
Word count / Time provided:
2500 words
Weighting:
30%
Unit Learning Outcomes:
ULO1, ULO2, ULO3, ULO4, ULO5, ULO6, ULO7
Assessment Details:This assessment is designed to assess students’ ability to apply theoretical learning to practical, realworld situations. In this assessment students are given a sample case study and asked to design an ITaudit based on it. In particular, emphasis on the reason(s) behind the situation that unfolded andactions that could have been taken to prevent such incidents from occurring.Case Study: Service NSW Data BreachOn September 7th 2020, media reports showed that the Service NSW, the New South Walesstate’s biggest data collection agency, suffered a massive data breach through a cyber attack.Personal data of 186,000 customers and staff were leaked after a cyber attack occurred throughphishing emails earlier this year, in which 47 employees had their email accountscompromised. A four-month investigation, which began in April, concluded that roughly 3.8million documents had to be analysed to assess the severity of any possible breaches.“This rigorous first step surfaced about 500,000 documents which referenced personalinformation,” Service NSW chief executive Damon Rees said. “The data is made up ofdocuments such as handwritten notes and forms, scans, and records of transactionapplications.”The total size of the breach was 738 gigabytes of data, but not all of that was personalinformation, a spokesperson for Service NSW said. There is no evidence that individualMyServiceNSW account data or Service NSW databases were compromised.Page | 5Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College1-3 Fitzwilliam Street, Parramatta NSW 2150: 02-8319 2100PRV12007; CRICOS 03048DApproved: 21/9/2020 & Version 1.1Customers who have been identified as “at-risk” will be notified by mail, which will includeinstructions on how to get support. The department said it “will never call or email a customerout of the blue requesting customer information about this or any other data breach”.Based on the above case study, you have to prepare a report and then a subsequent presentation toanswer the followings:– objectify your audit focus and scope– which IT resources of Service NSW, are you planning to audit? And how can you detect regularities,abnormalities in them?– what suggestions, recommendations do you want to provide to Service NSW based on your findings?– As IT auditor, what are the rules and regulations that you plan to adhere to?Marking Information: The case study will be marked out of 100 and will be weighted 30% of thetotal unit mark
Marking Criteria
Not satisfactory(0-49%) of thecriterion mark)
Satisfactory(50-64%) of thecriterion mark
Good(65-74%) of thecriterion mark
Very Good(75-84%) of thecriterion mark
Excellent(85-100%) of thecriterion mark
Identify theaudit focus andscope(20 marks)
Inadequateidentification ofaudit focus andscope
Basic levelidentification ofaudit focus andscope
Moderate levelidentification ofaudit focus andscope
Accurateand detailedidentification ofaudit focus andscope
Displaysexceptional levelidentification ofaudit focus andscope
Analysis andfindings (30marks)
Inadequateanalysis andfindings
Basic descriptionof analysis andfindings
Moderate leveldescription ofanalysis andfindings
Accurate anddetaileddescription ofanalysis andfindings
Displaysexceptional leveldescription ofanalysis andfindings
Auditor’srecommendations(20 marks)
Inadequatedescription of theauditor’srecommendations
Basic descriptionof the auditor’srecommendations
Moderate leveldescription of theauditor’srecommendations
Accurate anddetaileddescription of theauditor’srecommendations
Displaysexceptional leveldescription of theauditor’srecommendations
Presentation (30marks)
Inadequaterepresentation ofthe designed audit
Basicrepresentation ofthe designed audit
Moderate levelrepresentation ofthe designed audit
Accurate anddetailedrepresentation ofthe designed audit
Exceptionalrepresentation ofthe designed audit

READ ALSO...   first step is to summarize the article
Order from Academic Writers Bay
Best Custom Essay Writing Services

QUALITY: 100% ORIGINAL PAPERNO PLAGIARISM – CUSTOM PAPER