Information Technology Security for Accountants

Note: this course is currently not being taught at UMW. This is a course I developed for the Masters of Accountancy at the College of Charleston.

COURSE OVERVIEW:

This course addresses the technology used in the accumulation, reporting and analysis of accounting data. Topics are taught from an Information Technology auditing perspective and include modern computing hardware, telecommunications and networking concepts, an overview of the environment of the data communications industry, and an introduction to information security.

With respect to information security, this course is designed to familiarize students with the technical language of information security, help students understand information security concepts, increase students’ awareness of the importance of information security, make students aware of principle threats to business information technology (IT) and information systems (IS), and acquaint students with corresponding information security practices necessary to protect and mitigate risk associated with such threats. The course will also address emerging issues related to IT and IS threats and security.

LEARNING OBJECTIVES:

Students successfully completing this course will:

  1. Have developed a fundamental understanding of the technical language of information security.
  2. Have demonstrated an awareness of and appreciation for the practical importance of information security for individuals and organizations.
  3. Have demonstrated a pragmatic understanding of foundational information security concepts (e.g., confidentiality, availability, integrity, accountability, awareness).
  4. Have demonstrated an understanding of the nature and implications of IT as it relates to specific threats and/or domains of information security.
  5. Have demonstrated the ability to analyze and explain the nature of, the potential for harm from, and the potential business implications of the principle vulnerabilities of and threats (non-subversive and subversive) to business IT and IS.
  6. Have demonstrated understanding of the information security concepts and practices (their nature, function, and application) necessary to protect organizational IT and IS resources and mitigate risks associated with such technologies and systems.
  7. Have demonstrated a pragmatic understanding of and appreciation for real-world particulars associated with the application of information security concepts and practices.
  8. Have demonstrated a critical awareness of an organization’s institutional, legal, ethical, and social responsibilities regarding information security.
  9. Have demonstrated effective oral and written communications skills, critical evaluation skills, ethical reasoning skills, foundational business technology skills (e.g., word processing, spreadsheet, and presentation software), and electronic research skills.
  10. Have demonstrated an understanding of core concepts associated with auditing Information Systems security.
  11. Have an understanding of how to apply COBIT to issues with auditing Information Systems Security.
  12. Have demonstrated an understanding of the importance and relevance of IT security to Accounting.