22730 Assurance for Business Systems and Information

This subject addresses the provision of assurance and auditing services for internal and external auditing. It sets out the professional and legal expectations and responsibilities of assurance services and financial statement audits. It deals with the control framework in accounting information systems for the ensuring of security of information and other assets and the integrity of these systems. These controls are evaluated from the perspective that they permeate the entire organisation and are pervasive and inherent in the management of a business. Issues considered include, COSO and COBIT, the nature and purpose of control, its design and operation and management, application control framework, safeguarding assets and data integrity, cryptography and encryption, electronic business environment (EDI systems), and business continuity planning and disaster recovery plans. The subject provides students with competencies in audit methodology of risk and control evaluation, evidence collection and evaluation in various accounting information systems environments including enterprise resource programming (ERP) systems such as SAP. It develops and expands these competencies into providing assurance services on information other than financial information. The subject is accredited by the accounting professional bodies.