Graduate Studies Reports Access

Graduate Course Proposal Form Submission Detail - ACG6457
Tracking Number - 5072

Edit function not enabled for this course.

Current Status: Approved by SCNS - 2015-02-01
Campus: Tampa
Submission Type: Change
Course Change Information (for course changes only): The pre-requisite needs to be changed from only "ACG 3401 or equivalent" to "ACG 3401 or equivalent, or BUL 5842"
Comments: Elective for M.Acc. To Chair. Pre-Req Change only. GC Approved.; To USF sys 11/18/14; to SCNS 12/1. SCNS apprd eff 2/1/15

Detail Information

  1. Date & Time Submitted: 2014-09-26
  2. Department: School of Accountancy
  3. College: BA
  4. Budget Account Number: 0-1402-000
  5. Contact Person: Uday Murthy
  6. Phone: 8139746516
  7. Email:
  8. Prefix: ACG
  9. Number: 6457
  10. Full Title: Accounting Systems Audit, Control and Security
  11. Credit Hours: 3
  12. Section Type: C - Class Lecture (Primarily)
  13. Is the course title variable?: N
  14. Is a permit required for registration?: N
  15. Are the credit hours variable?: N
  16. Is this course repeatable?:
  17. If repeatable, how many times?:
  18. Abbreviated Title (30 characters maximum): Acct Systems Auditing
  19. Course Online?: B - Face-to-face and online (separate sections)
  20. Percentage Online: 5
  21. Grading Option: R - Regular
  22. Prerequisites: ACG 3401 or equivalent, or BUL 5842
  23. Corequisites:
  24. Course Description: An indepth study of contemporary systems control security from an audit perspective. Course topics will include: IS audit standards, contemporary AIS technologies, and the development and maintenance of AIS integrity.

  25. Please briefly explain why it is necessary and/or desirable to add this course: Needed for program/concentration/certificate change
  26. What is the need or demand for this course? (Indicate if this course is part of a required sequence in the major.) What other programs would this course service? We already have between 25 and 30 graduate students taking this course every spring semester. We expect additional demand from the Master's in Cybersecurity program and the graduate certificate in compliance.
  27. Has this course been offered as Selected Topics/Experimental Topics course? If yes, how many times? No
  28. What qualifications for training and/or experience are necessary to teach this course? (List minimum qualifications for the instructor.) Graduate level coursework or practical experience in information systems auditing.
  29. Objectives: To develop a working knowledge of:

    1. The effects of computerization on controls, security, and auditing of accounting information systems,

    2. The audit process as it relates to computer-based information systems,

    3. IT governance frameworks, specifically COBIT,

    4. Computer fraud and crime in the information age,

    5. General information technology controls,

    6. Application controls surrounding input, processing, and output control procedures,

    7. The design of an audit plan that includes the use of internal control checklists/questionnaires,

    8. Generalized audit software, with specific reference to ACL,

    9. The use of data analysis tools to verify the integrity of accounting information,

    10. The use of data analysis tools for the purpose of fraud detection,

    11. Audit related concerns relative to virtual environments,

    12. Security guidelines for e-commerce systems,

    13. The audit process in an enterprise resource planning (ERP) system,

    14. Continuous auditing and continuous control monitoring techniques,

    15. The implications of recent developments in a particular topic related to information systems auditing.

  30. Learning Outcomes: Upon completion of this course, a student should be able to

    1. explain the effects of computerization on controls, security, and auditing of accounting information systems,

    2. apply IT governance frameworks such as COBIT in a corporate setting,

    4. explain the types of computer fraud and how white collar crime can be committed in the information age,

    5. explain general and application information technology controls,

    7. design an audit plan for computer-based systems that includes the use of internal control checklists/questionnaires,

    8. use generalized audit software, specifically ACL,

    9. use data analysis tools to verify the integrity of accounting information and for fraud detection,

    10. indicate security guidelines for e-commerce systems,

    11. explain the audit process in an enterprise resource planning (ERP) system,

    12. describe continuous auditing and continuous control monitoring techniques.

  31. Major Topics: * IT environment

    * The audit process in an IT environment

    * IT governance

    * Strategy and standards

    * Risk management

    * Process and quality management

    * Software development & implementation

    * IT sourcing

    * Security and service continuity

    * Change management

    * Service management

    * Service desk and problem management

    * System management

    * Operations management

    * Application controls and maintenance

    * Computer assisted audit tools

    * Virtual environments & security

    * E-commerce

    * Enterprise resource planning systems

  32. Textbooks: Information Technology Auditing - With CD - 3rd edition

    by James A. Hall

  33. Course Readings, Online Resources, and Other Purchases: • Information Systems Control and Audit Association web site:

    • Wikipedia Entry on IT Auditing:

    • AICPA Information Technology Section:

  34. Student Expectations/Requirements and Grading Policy: Two exams, each worth 22.2% of the grade, quizzes worth 11.1% of the grade, individual assignments worth 31.1% of the grade, group assignments worth 8.8% of the grade, and attendance/participation worth the remaining 4.4% of the grade.
  35. Assignments, Exams and Tests: Examinations:

    Mid-term examination: 100

    Final examination: 100

    Exam total: 200


    In-class quizzes (10 x 5 pts.) 50

    Individual assignments:

    COBIT case study analysis (COBIT): 20

    Control and security settings in Microsoft Dynamics (MD): 20

    Programming input controls in Access (CTRL): 20

    Testing transactions and balances using (ACL1): 25

    Fraud examination using audit software (ACL2): 30

    Research paper and presentation (RSCH): 25

    Group assignment:

    In-class exercises (8 x 5 pts.) 40

    Assignment total: 180

    Group work (peer assessment) 5

    Online participation (postings in discussion forums) 5

    Attendance, in-class participation 10


  36. Attendance Policy: Course Attendance at First Class Meeting – Policy for Graduate Students: For structured courses, 6000 and above, the College/Campus Dean will set the first-day class attendance requirement. Check with the College for specific information. This policy is not applicable to courses in the following categories: Educational Outreach, Open University (TV), FEEDS Program, Community Experiential Learning (CEL), Cooperative Education Training, and courses that do not have regularly scheduled meeting days/times (such as, directed reading/research or study, individual research, thesis, dissertation, internship, practica, etc.). Students are responsible for dropping undesired courses in these categories by the 5th day of classes to avoid fee liability and academic penalty. (See USF Regulation – Registration - 4.0101,

    Attendance Policy for the Observance of Religious Days by Students: In accordance with Sections 1006.53 and 1001.74(10)(g) Florida Statutes and Board of Governors Regulation 6C-6.0115, the University of South Florida (University/USF) has established the following policy regarding religious observances: (

    In the event of an emergency, it may be necessary for USF to suspend normal operations. During this time, USF may opt to continue delivery of instruction through methods that include but are not limited to: Blackboard, Elluminate, Skype, and email messaging and/or an alternate schedule. It’s the responsibility of the student to monitor Blackboard site for each class for course specific communication, and the main USF, College, and department websites, emails, and MoBull messages for important general information.

  37. Policy on Make-up Work: Make-up Exams: If a student cannot be present for an examination for a valid reason (validity to be determined by the instructor), a make-up exam will be given only if the student has notified the instructor in advance that s/he cannot be present for the exam. Make-up exams are given at the convenience of the instructor usually on Fridays at 10 am.

    Academic Dishonesty and Disruption of Academic Process: The University's policy on academic dishonesty and disruption of the academic process is clearly stated in the USF Graduate Catalog. You are expected to familiarize yourself with this policy, details of which are in the USF Graduate Catalog available at This policy will be strictly enforced. Please be advised that punishment for academic dishonesty may result in an automatic “F” (or “FF”) in the course, or action that may result in suspension or expulsion from the University.

  38. Program This Course Supports: The Audit/Systems concentration in the Master of Accountancy program
  39. Course Concurrence Information: This course would service the Master's program in Cybersecurity and the four course certificate program "Compliance, Risk, and Anti-Money Laundering."

- if you have questions about any of these fields, please contact or