Are You Seeking With Your SBM4302 IT Audit And Controls Assignment Help?

Unit Code and Title: SBM4302 IT Audit and Controls

 Assessment Information

Assessment Task

Weighting

Due

Length

ULO

Assessment 1: Quiz

40%

Week 3,

15 mins

ULO-1

Quiz covering lecture materials on a bi-weekly basis.

 

5, 7, 9

 

ULO-2

 

 

 

 

ULO-3

 

 

 

 

ULO-4

Assessment 2: Report

30%

Week 5

2500 words

ULO-1

An individual work pertaining to a real world IT audit report

 

 

 

ULO-2

 

 

 

 

ULO-3

 

 

 

 

ULO-4

 

 

 

 

ULO-5

Assessment 3: Case Study

30%

Week 11

2500 words

ULO-1

A group work that involves designing an audit work of an

 

 

 

ULO-2

organization’s IT functionalities

 

 

 

ULO-3

 

 

 

 

ULO-4

 

 

 

 

ULO-5

 

 

 

 

ULO-6

 

 

 

 

ULO-7

 Assessment 1: Quiz

Due date:

Weeks 3, 5, 7, 9

Group/individual:

Individual

Word count / Time provided:

15 minutes

Weighting:

40%

Unit Learning Outcomes:

ULO-1, ULO-2, ULO-3, ULO-4


Assessment Details:

This test will assess your knowledge of key content areas (on a bi-weekly basis). For successful completion of the quiz, you are required to study the material provided (lecture slides, tutorials, and reading materials), engage in the unit’s activities, and in the discussion forums. The prescribed textbook is the main reference along with the recommended reading material. By completing this assessment successfully, you will be able to identify key aspects of IT Audit and controls.

Marking Information: The quiz will be marked out of 100 and will be weighted 40% of the total unit mark.

 Assessment 2: Report

Due date:

Week 5

Group/individual:

Individual

Word count / Time provided:

2500

Weighting:

30%

Unit Learning Outcomes:

ULO-1, ULO-2, ULO-3, ULO-4, ULO-5, ULO-6, ULO-7

Course Learning Outcomes:

CLO-1, CLO-6, CLO-8, CLO-9


Assessment Details:

This assessment is designed to assess students’ ability to apply theoretical learning to practical, real world situations. In this assessment students are given an IT audit report conducted by the office of the Western Australia Auditor General and asked to do the followings:

·         Identify the audit focus and scope

·         Analyse audit findings in the Recruitment Advertisement Management System of the Western Australia Government

·         Analyse audit findings in the Horizon Power

·         Analyse audit findings pertinent to the Pensioner Rebate Scheme and Exchange departments

·         Analyse audit findings in the New Land Registry office

·         Point out the professional, legal, and ethical responsibilities of an IT auditor.

In completing this assessment successfully, you will be able to learn how to analyse an IT audit report, learn relevant legislation, generally accepted auditing standards and ISACA’s CORBIT framework, which will help in achieving ULO1, ULO-2, ULO-3, ULO-4, ULO-5, ULO-6, and ULO-7.

Marking Criteria and Rubric: The assessment will be marked out of 100 and will be weighted 30% of the total unit mark

Marking Criteria

Not satisfactory

(0-49%) of the criterion mark)

Satisfactory

(50-64%) of the criterion mark

Good

(65-74%) of the criterion mark

Very Good

(75-84%) of the criterion mark

Excellent

(85-100%) of the criterion mark

Identify the

Inadequate

Basic level

Moderate level

Accurate

Displays

audit focus and

identification of

identification of

identification of

and detailed

exceptional level

scope of the given

audit focus and

audit focus and

audit focus and

identification of

identification of

audit report

scope from the

scope from the

scope from the

audit focus and

audit focus and

(10 marks)

report

report

report

scope

scope

Describe audit

Inadequate

Basic description

Moderate level

Accurate and

Displays

findings in the

description of the

of the findings

description of the

detailed

exceptional level

RAMS

findings inside

within RAMS

findings within

description of the

description of the

(20 marks)

RAMS

 

RAMS

findings in RAMS

findings in RAMS

Describe audit

Inadequate

Basic description

Moderate level

Accurate and

Displays

findings in the

description of the

of the findings

description of the

detailed

exceptional level

Horizon Power

findings inside

within Horizon

findings within

description of the

description of the

(20 marks)

Horizon Power

Power

Horizon Power

findings in Horizon

findings in Horizon

 

 

 

 

Power

Power

Describe audit

Inadequate

Basic description

Moderate level

Accurate and

Displays

findings in the

description of the

of the findings

description of the

detailed

exceptional level

PRS and PRX

findings inside PRS

within PRS and

findings within

description of the

description of the

(20 marks)

and PRX

PRX

PRS and PRX

findings in PRS

findings in PRS

 

 

 

 

and PRX

and PRX

Describe audit

Inadequate

Basic description

Moderate level

Accurate and

Displays

findings in the

description of the

of the findings

description of the

detailed

exceptional level

NRL-T

findings inside

within NRL-T

findings within

description of the

description of the

(20 marks)

NRL-T

 

NRL-T

findings in NRL-T

findings in NRL-T

Describe and

Inadequate

Basic knowledge

Exhibits breadth

Exhibits accurate

Displays

discuss the

understanding of

of the

and depth of

and detailed

exceptional

professional,

the professional,

professional,

understanding

breadth and

understanding of

legal, and ethical

legal, and ethical

legal, and ethical

of the

depth of

concepts and their

responsibilities of

responsibilities of

responsibilities of

professional,

understanding

practical

an IT Auditor

an IT Auditor;

an IT Auditor.

legal, and ethical

professional,

application of the

(10 marks)

cannot discuss

 

responsibilities of

legal, and ethical

professional,

 

concepts in own

 

an IT Auditor.

responsibilities of

legal, and ethical

 

words.

 

 

an IT Auditor.

responsibilities of

 

 

 

 

 

an IT Auditor

 Assessment 3: Case Study

Due date:

Week 11

Group/individual:

Group

Word count / Time provided:

2500 words

Weighting:

30%

Unit Learning Outcomes:

ULO1, ULO2, ULO3, ULO4, ULO5, ULO6, ULO7

Assessment Details:

This assessment is designed to assess students’ ability to apply theoretical learning to practical, real world situations. In this assessment students are given a sample case study and asked to design an IT audit based on it. In particular, emphasis on the reason(s) behind the situation that unfolded and actions that could have been taken to prevent such incidents from occurring.

 Case Study: NAB Data Breach

On the 26th July 2019, National Australia Bank (NAB) which is the 4th largest bank in Australia, contacted approximately 13,000 customers to advise that some personal information provided when their account was set up was uploaded, without authorisation, to the servers of two data service companies. NAB’s security teams have contacted the companies, who advise that all information provided to them is deleted within two hours.

NAB Chief Data Officer, Glenda Crisp, said the compromised data included customer name, date of birth, contact details and in some cases, a government-issued identification number, such as a driver’s licence number. “We take the privacy and the protection of customer information extremely seriously and I sincerely apologise to affected customers. We take full responsibility,” she said. “The issue was human error and in breach of NAB’s data security policies.” Ms Crisp said it was not a cyber-security issue. No NAB log-in details or passwords have been compromised and NAB’s systems remain secure. “Our number one priority is to support our customers. We are moving quickly to proactively contact every person affected.”

NAB called, emailed or written to each impacted customer individually. A dedicated, specialist support team was in place, available to them 24/7. If government identification documents need to be reissued, NAB would cover the cost. NAB would also cover the cost of independent, enhanced fraud detection identification services for affected customers. Importantly there is no evidence to indicate that any of the information has been copied or further disclosed.

NAB is advising impacted customers that they do not need to take any action with their account. “We have reviewed these customers’ accounts, over and above our rigorous normal checks, and have not identified any unusual activity. We will continue to monitor 24/7 to protect our customers’ accounts,” Ms Crisp said. NAB also notified and was working with industry regulators, including the Office of the Australian Information Commissioner. Ms Crisp said: “We take full responsibility. We can assure you that we understand how this happened and we are making changes to ensure this does not happen again.”

On further development, NAB CEO admitted that it is difficult to invest huge amount of money in information security compared to the industry leaders like Microsoft, Google, Amazon. His opinion was to leverage on the infrastructure created by these companies i.e. through cloud computing.

Based on the above case study, you have to prepare a report to answer the followings:

- Objectify your audit focus and scope

-  Which business departments, functionalities of NAB, are you planning to audit? And how can you detect regularities, abnormalities in them?

- What suggestions, recommendations do you want to provide to NAB based on your findings?

- As an IT auditor, what rules and regulations are you planning to adhere to?

Marking Information: The case study will be marked out of 100 and will be weighted 30% of the total unit mark

Marking Criteria

Not satisfactory

(0-49%) of the criterion mark)

Satisfactory

(50-64%) of the criterion mark

Good

(65-74%) of the criterion mark

Very Good

(75-84%) of the criterion mark

Excellent

(85-100%) of the criterion mark

Identify the

Inadequate

Basic level

Moderate level

Accurate

Displays

audit focus and

identification of

identification of

identification of

and detailed

exceptional level

scope

audit focus and

audit focus and

audit focus and

identification of

identification of

(20 marks)

scope

scope

scope

audit focus and

audit focus and

 

 

 

 

scope

scope

Analysis and

Inadequate

Basic description

Moderate level

Accurate and

Displays

findings (30

analysis and

of analysis and

description of

detailed

exceptional level

marks)

findings

findings

analysis and

description of

description of

 

 

 

findings

analysis and

analysis and

 

 

 

 

findings

findings

Auditor’s

Inadequate

Basic description

Moderate level

Accurate and

Displays

recommendations

description of the

of the auditor’s

description of the

detailed

exceptional level

(20 marks)

auditor’s

recommendations

auditor’s

description of the

description of the

 

recommendations

 

recommendations

auditor’s

auditor’s

 

 

 

 

recommendations

recommendations

Presentation (30

Inadequate

Basic

Moderate level

Accurate and

Exceptional

marks)

representation of

representation of

representation of

detailed

representation of

 

the designed audit

the designed audit

the designed audit

representation of

the designed audit

 

 

 

 

the designed audit

 

Preserve your Top Grade with Online Assignment Help Service 24/7 Know More