Syllabus of isca for nov. 2012
This query is : Resolved
Querist : Anonymous
Querist :
Anonymous
(Querist)
23 July 2012
Hello Experts,
Is there any change in the syllabus of ISCA of Ca-Final for Nov. 2012 attempt???
Thanks
Is there any change in the syllabus of ISCA of Ca-Final for Nov. 2012 attempt???
Thanks
23 July 2012
The following is the syllabus for ISCA paper .
1. Information Systems Concepts
General Systems Concepts – Nature and types of systems, nature and types of
information, attributes of information.
Management Information System – Role of information within business
Business information systems –various types of information systems – TPC, MIS, DSS,
EIS, ES
2. Systems Development Life Cycle Methodology
Introduction to SDLC/Basics of SDLC
Requirements analysis and systems design techniques
Strategic considerations : Acquisition decisions and approaches
Software evaluation and selection/development
Alternate development methodologies- RAD, Prototype etc
Hardware evaluation and selection
Systems operations and organization of systems resources
Systems documentation and operation manuals
User procedures, training and end user computing
System testing, assessment, conversion and start-up
Hardware contracts and software licenses
System implementation
Post-implementation review
System maintenance
System safeguards
Brief note on IS Organisation Structure
3. Control objectives
(a) Information Systems Controls14
Need for control
Effect of computers on Internal Audit
Responsibility for control – Management, IT, personnel, auditors
Cost effectiveness of control procedure
Control Objectives for Information and related Technology (COBIT)
(b) Information Systems Control Techniques
Control Design: Preventive and detective controls, Computer-dependent control, Audit
trails, User Controls (Control balancing, Manual follow up)
Non-computer-dependent (user) controls: Error identification controls, Error investigation
controls, Error correction controls, Processing recovery controls
(c) Controls over system selection, acquisition/development
Standards and controls applicable to IS development projects
Developed / acquired systems
Vendor evaluation
Structured analysis and design
Role of IS Auditor in System acquisition/selection
(d) Controls over system implementation
Acceptance testing methodologies
System conversion methodologies
Post implement review
Monitoring, use and measurement
(e) Control over System and program changes
Change management controls
Authorization controls
Documentation controls
Testing and quality controls
Custody, copyright and warranties
Role of IS Auditor in Change Management
(f) Control over Data integrity, privacy and security
Classification of information
Logical access controls15
Physical access controls
Environmental controls
Security concepts and techniques – Cryptosystems, Data Encryption Standards (DES),
Public Key Cryptography & Firewalls
Data security and public networks
Monitoring and surveillance techniques
Data Privacy
Unauthorised intrusion, hacking, virus control
Role of IS Auditor in Access Control
4. Audit Tests of General and Automated Controls
(a) Introduction to basics of testing (reasons for testing);
(b) Various levels/types of testing such as: (i) Performance testing, (ii) Parallel testing,
(iii) Concurrent Audit modules/Embedded audit modules, etc.
5. Risk assessment methodologies and applications: (a) Meaning of Vulnerabilities,
Threats, Risks, Controls, (b) Fraud, error, vandalism, excessive costs, competitive
disadvantage, business, interruption, social costs, statutory sanctions, etc. (c) Risk
Assessment and Risk Management, (d) Preventive/detective/corrective strategies
6. Business Continuity Planning and Disaster recovery planning: (a) Fundamentals
of BCP/DRP, (b) Threat and risk management, (c) Software and data backup techniques,
(d) Alternative processing facility arrangements,(e) Disaster recovery procedural plan, (f)
Integration with departmental plans, testing and documentation, (g) Insurance
7. An over view of Enterprise Resource Planning (ERP)
8. Information Systems Auditing Standards, guidelines, best practices (BS7799, HIPPA,
CMM etc.)
9. Drafting of IS Security Policy, Audit Policy, IS Audit Reporting - a practical perspective
10. Information Technology Act, 2000
1. Information Systems Concepts
General Systems Concepts – Nature and types of systems, nature and types of
information, attributes of information.
Management Information System – Role of information within business
Business information systems –various types of information systems – TPC, MIS, DSS,
EIS, ES
2. Systems Development Life Cycle Methodology
Introduction to SDLC/Basics of SDLC
Requirements analysis and systems design techniques
Strategic considerations : Acquisition decisions and approaches
Software evaluation and selection/development
Alternate development methodologies- RAD, Prototype etc
Hardware evaluation and selection
Systems operations and organization of systems resources
Systems documentation and operation manuals
User procedures, training and end user computing
System testing, assessment, conversion and start-up
Hardware contracts and software licenses
System implementation
Post-implementation review
System maintenance
System safeguards
Brief note on IS Organisation Structure
3. Control objectives
(a) Information Systems Controls14
Need for control
Effect of computers on Internal Audit
Responsibility for control – Management, IT, personnel, auditors
Cost effectiveness of control procedure
Control Objectives for Information and related Technology (COBIT)
(b) Information Systems Control Techniques
Control Design: Preventive and detective controls, Computer-dependent control, Audit
trails, User Controls (Control balancing, Manual follow up)
Non-computer-dependent (user) controls: Error identification controls, Error investigation
controls, Error correction controls, Processing recovery controls
(c) Controls over system selection, acquisition/development
Standards and controls applicable to IS development projects
Developed / acquired systems
Vendor evaluation
Structured analysis and design
Role of IS Auditor in System acquisition/selection
(d) Controls over system implementation
Acceptance testing methodologies
System conversion methodologies
Post implement review
Monitoring, use and measurement
(e) Control over System and program changes
Change management controls
Authorization controls
Documentation controls
Testing and quality controls
Custody, copyright and warranties
Role of IS Auditor in Change Management
(f) Control over Data integrity, privacy and security
Classification of information
Logical access controls15
Physical access controls
Environmental controls
Security concepts and techniques – Cryptosystems, Data Encryption Standards (DES),
Public Key Cryptography & Firewalls
Data security and public networks
Monitoring and surveillance techniques
Data Privacy
Unauthorised intrusion, hacking, virus control
Role of IS Auditor in Access Control
4. Audit Tests of General and Automated Controls
(a) Introduction to basics of testing (reasons for testing);
(b) Various levels/types of testing such as: (i) Performance testing, (ii) Parallel testing,
(iii) Concurrent Audit modules/Embedded audit modules, etc.
5. Risk assessment methodologies and applications: (a) Meaning of Vulnerabilities,
Threats, Risks, Controls, (b) Fraud, error, vandalism, excessive costs, competitive
disadvantage, business, interruption, social costs, statutory sanctions, etc. (c) Risk
Assessment and Risk Management, (d) Preventive/detective/corrective strategies
6. Business Continuity Planning and Disaster recovery planning: (a) Fundamentals
of BCP/DRP, (b) Threat and risk management, (c) Software and data backup techniques,
(d) Alternative processing facility arrangements,(e) Disaster recovery procedural plan, (f)
Integration with departmental plans, testing and documentation, (g) Insurance
7. An over view of Enterprise Resource Planning (ERP)
8. Information Systems Auditing Standards, guidelines, best practices (BS7799, HIPPA,
CMM etc.)
9. Drafting of IS Security Policy, Audit Policy, IS Audit Reporting - a practical perspective
10. Information Technology Act, 2000
Message likes :
2 times
27 May 2013
yes there are some changes in module in isca in jan,2013 by icai.
27 May 2013
follow this link
https://www.caclubindia.com/forum/isca-amendments-by-icai-241434.asp
https://www.caclubindia.com/forum/isca-amendments-by-icai-241434.asp
You need to be the querist or approved CAclub expert to take part in this query .
Click here to login now
Click here to login now
Similar Resolved Queries
Unanswered Queries
- Manual Rectification through AO
- IT Return filed defective u/s 139 (9)
- Fixed Deposit Claim Relinquishment by the Nominee
- Defective Return - Tds on advance
- Income Type for interest from government bonds
- TCS ON SOFTWARE SALES
- Not a CA , can we prepare balance sheet
- Valuation of diamonds as on 01.04.2001
- What is meaning of merging of expenses or income in accounts
- Accounting treatment of write off sundry debtors
- Gstr 9 2023-24
- GSTR-9 HSN Summary and Credit Note without item
- Interchangeable words in accounts
- Adjusted profit/Loss in the case of LLP and Pvt. Ltd.company
- How to adjusted advances given or receipt
- Foreign vendor without PAN unable to to register due to non receipt of OTP on foreign number ?
- 133(6) DIN INVALID format error - ->WHERE TO REPLY 133(6) notice?
- Query for dubts
- GST RCM not shown in GSTR-3B
- Bill from Dispatched from issue.
Trending Online Classes
-
Landmark Judgments: Important Provisions of the EPF & ESI Act interpreted by the Honorable Supreme Court of India
Mr.Balamurugan Ranganathan15 November 2024
CAclubindia
