A New Approach for Information System Audit Teaching
Ricardo Pérez-Castillo (University of Castilla-La Mancha, Spain)
Ignacio García-Rodríguez de Guzmán (University of Castilla-La Mancha, Spain)
Mario Piattini (University of Castilla-La Mancha, Spain)
Moisés Rodríguez (AQCLab, Spain)
Abstract: Today, no matter what market niche a company moves into or whether a business focus is technological, information technologies are its cornerstone in terms of its success and the fulfilment of its business goals. However, an undeniable fact is that technologies, in addition to many competitive advantages, carry many risks that must be properly identified and managed. Organizations must implement control measures to manage the risks. The whole set of control measures build up the Internal Control. However, only the realization of Information Systems (IS) Audit ensures that Internal Control is effective and efficient, and protects the most important assets of the organization, thus ensuring that it can achieve its business goals. This article presents a new vision of teaching in the area of IS Audit, presenting a methodology based on Project Based Learning (PBL) simulating that students belong to a real organization where they must not only develop an Internal Control but also evaluate it through IS Audit techniques. The simulation of a real environment facilitates the acquisition of competencies and knowledge related to IS Auditing, making more attractive the learning process. A tool called HASI has been developed, which implements the detailed workflow depicted in the methodology, allows to automate all the activities carried out by the students. Finally, this article presents the validation of the methodology carried out through the resolution of a practical case with the HASI tool. The validation allows observing to what extent the students perceive the learning of the areas of the IS Audit.
Keywords: IS auditing, PBL, Tool support learning, information system
Categories: H.0, L.2.3, L.2.7, L.3.4, L.3.6