MS in IT Auditing, Cyber Security, and Risk Assessment

Who is ISACA? With more than 86,000 constituents in more than 160 countries, ISACA (www.isaca.org) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems assurance and security, enterprise governance of IT, and IT-related risk and compliance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA® Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor™ (CISA®), Certified Information Security Manager® (CISM®) and Certified in the Governance of Enterprise IT® (CGEIT®) designations. - ISACA

ISACA Certifications Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified in the Governance of Enterprise IT (CGEIT) Certified in Risk and Information Systems Control (CRRISC)

Globally Recognized Costa Rica - Regulation on IT (SUGEF 14-09). Financial institutions must have an annual assessment of its IT management framework with an external auditor. This external auditor must be a CISA. India - The Securities Exchange Board requires biannual system audits of all mutual funds to be conducted by an independent auditor who is CISA/CISM-certified or equivalent. Romania - Banks desiring to implement distance or electronic payment instruments, such as Internet and home banking, are required by law to be certified by auditors who hold the CISA certification. Canada - Institute of Chartered Accountants (CICA) accredits ISACA as the only body whose designation leads to recognition as a CA-designated specialist in information systems audit, control and security.

Certified Information Systems Auditor (CISA) Successful completion of the CISA exam Code of Professional Ethics Information Systems Auditing Standards Continuing Professional Education Program 120 CPE contact hours every 3 years Minimum of 5 years of experience Substitute 120 credits for 2 years Substitute master’s degree which enforces ISACA’s model curriculum for 1 year

ISACA Model Curriculum To assist in the development of programs for aspiring IS assurance professionals First released in 1998 Revised in 2004 Task force of 15 full-time academics and IS professionals from 11 countries and 5 continents Aligned with COBIT Revised in 2008 Aligned with CISA domains and knowledge areas

Target employers

What is driving the demand? Gramm-Leach-Bliley Act Sarbanes-Oxley Act Health Insurance Portability and Accountability Act Part 11 King 11 London Stock Exchange Combined Code Foreign Corrupt Practices Act EU Directive 95/46/EC on the protection of personal data

Target Audience Temple audience External audience Accounting majors (satisfies CPA requirements) Finance majors MIS majors External audience Auditors, risk managers, and cyber security practitioners looking for a promotion and certification Career changers (out of work IT consultants)

What is the goal? Examination of the controls within an IT infrastructure to obtain evidence to determine if the IT systems are: Safeguarding assets Maintaining data integrity Achieving the organization’s goals or objectives

Proposed Program Fall Spring MIS5001 – Management Information Systems or ACCT5001 – Financial and Managerial Accounting ACCT5125 – Accounting Information Systems ITA5001 – IS Audit Process ITA5101 – Systems & Infrastructure Lifecycle Management 1 ITA5201 – IT Governance Fall ITA5301 – IT Service Delivery and Support ITA5401 – Protection of Information Assets/Business Continuity-Disaster Recovery ITA5501 – Business Skills for the IT Auditor ITA5102 – Systems and Infrastructure Lifecycle Management 2 ITA5901 – IT Auditing Capstone Spring

Market Working IT auditors looking to advance their careers Recent graduates with BBA in MIS or other fields interested in a career in IT Auditing Target the Big 4 Recent graduates with BBA in Accounting Need 30 credits to meet educational requirements for CPA Looking to diversify skill set beyond traditional accounting Market

Bridge Course MIS5001 ACCT5001 For undergraduate MIS majors Provide an overview of IT systems and how they create value for organizations ACCT5001 Introduction to both managerial and financial accounting For undergraduate fox (non mis) majors For undergraduate MIS majors

ACCT5125 – Accounting Information Systems

ITA5001 – IS Audit Process IS Audit Function Knowledge Fundamental Auditing Concepts Standards & Guidelines for IS Auditing Internal Controls Concepts & Knowledge Audit Planning Process Audit Management Audit Evidence Process Audit Reporting Follow-up

ITA5101 – Systems & Infrastructure Lifecycle Management 1 IS Planning Information Management and Usage Development, Acquisition & Maintenance of Information Systems

ITA5201 – IT Governance IS/IT Management IS/IT Strategic Planning IS/IT Management Issues Support Tools & Frameworks Techniques

ITA5301 – IT Service Delivery and Support Technical Infrastructure Service Center Management

ITA5401 – Protection of Information Assets/Business Continuity-Disaster Recovery Information Assets Security Management Logical IT Security Applied IT Security: High-technology Resources Physical and Environmental Security Protection of the IT Architecture and Assets: Disaster Recovery Planning Insurance

ITA5501 – Business Skills for the IT Auditor Managerial Communications & Public Speaking Interviewing Skills Negotiation Skills Business Writing Industrial Psychology & Behavioral Science Project Management & Time Budgeting Team Building and Team Leading

ITA5102 – Systems and Infrastructure Lifecycle Management 2 Impact of IT on the Business Processes & Solutions Software Development Audit & Development of Application Controls

ITA5901 – IT Auditing Capstone

References https://www.isaca.org http://www.picpa.org/Content/38481.aspx# Ex4 http://en.wikipedia.org/wiki/Information_tec hnology_audit