Chevron Left
Retour à Information Systems Auditing, Controls and Assurance

Avis et commentaires pour d'étudiants pour Information Systems Auditing, Controls and Assurance par Université des sciences et technologies de Hong Kong

2,639 évaluations

À propos du cours

The course is awarded The Best Free Online Courses of All Time, and Best Online Courses of the Year (2021 Edition) by Class Central ( --- Information systems (IS) are important assets to business organizations and are ubiquitous in our daily lives. With the latest IS technologies emerging, such as Big Data, FinTech, Virtual Banks, there are more concerns from the public on how organizations maintain systems’ integrity, such as data privacy, information security, the compliance to the government regulations. Management in organizations also need to be assured that systems work the way they expected. IS auditors play a crucial role in handling these issues. In the course “Information Systems Auditing, Controls and Assurance”, you will explore risks of information systems, and how to mitigate the risks by proper IS Controls. You will also get familiar with the IS Audit procedures and how they are applied during the IS development throughout the Systems Development Life Cycle (SDLC). Finally, you will get to observe how we can make the system changes more manageable using formal IS Management practices, such as Change Management Controls and Emergency Changes. The conversations between the course instructor - Prof. Percy Dias, and the IS auditing practitioner will give you a concrete idea on how IS auditors perform their duties, the qualities to become IS auditors and future prospects of IS auditing industry. This course is suitable for students and graduates from Information Systems, Information Technology and Computer Science, and IT practitioners who are interested to get into the IS auditing field. It is also a good starting point for learners who would like to pursue further studies for IS audit certifications – such as Certified Information Systems Auditor (CISA)....

Meilleurs avis


24 juil. 2022

Pro. Diaz has taught and enlightened me about system audit a lot, most of this information was very new to me. I felt fortunate to have a mentor like him, and like to enroll in more courses with him.


28 déc. 2020

Superb course, the instructor lecture and material is precise and concise. A worthwhile for any current and future IS auditor. Pity that I can only give 5 stars as the course deserve 10 stars rating!

Filtrer par :

26 - 50 sur 737 Avis pour Information Systems Auditing, Controls and Assurance

par Tanvir A

24 juil. 2022

Pro. Diaz has taught and enlightened me about system audit a lot, most of this information was very new to me. I felt fortunate to have a mentor like him, and like to enroll in more courses with him.

par Sean R B M

3 oct. 2021

This is the first course that I have taken in Coursera. As an internal auditing student, I would say that this course helped me a lot to gain more knowledge when it comes to information systems. The lessons/topics on the first week of the course are already very familiar to me as we already tackled them in my actual course (internal auditing). The following weeks/topics are very new to me, and I spend so much time understanding them very well. I chose to take this course because it will help me gain knowledge when I take the CISA examination someday. I also want to use my time wisely during this time of the pandemic so I decided to enroll to this course.

par Reena M

2 juil. 2020

Personally, this course was great if you want some basics of IS Auditing. Of course, you are not a professional after this course. You will need to take additional more detailed courses. But, this is a great start!

par Robin Y H

29 déc. 2020

Superb course, the instructor lecture and material is precise and concise. A worthwhile for any current and future IS auditor. Pity that I can only give 5 stars as the course deserve 10 stars rating!

par Anthony G

28 sept. 2020

Professor Dias is a very good instructor who is enthusiastic about IS systems and who teaches you very valuable information on the field of IS auditing. Very good to show to employers.

par Adeel A

18 sept. 2022

Its an excellent course designed to give a brief & quick knowledge about IS Auditing, Risk Management, Change Management, Business Application Development, System Maintenance.

par Prasant K P

20 avr. 2020

The course content lacked the essentials of IS/IT risk management/assessment and mitigation strategies or methods. The course looks more for the students of IT than any professional auditor or IT professional. There was not a single illustration of practical risk-control environment with case studies of internal control lapses to enrich the skill of the participants. The most annoying thing is that the post course survey/feedback is open for all options against each question rather than having only option to select one i.e. whether I agree or Disagree, which is vague and it did not let the course finish until I gave positive remarks to all 15 questions. That is ridiculous!

par Vladislav B

28 déc. 2020

introductory material is covered. The method of presentation is unconventional to those of us who are used to university level lectures in the United States, and is closer to some trade school style lectures. Undue emphasis on alleged bad behavior that needs to be uncovered and prevented by developers that are possibly in cahoots with their managers. The instructor does not provide a sense to the student that he has spent any time in the industry and learned from experience. Good idea to have interviews with Ms. Gloria Luk. If only the interviewing instructor not interrupted her constantly.

par Pavel S

8 mai 2020

Decent overview of the profession and good use of the slides. Material presents somewhat outdated view of the industry or very specific to financial domain. Certain examples and quiz questions were ambiguous or convoluted which resulted in seemingly correct answers being marked as wrong. No replies from the professor in discussion forums.

par Yaki M

9 juil. 2020

This course is VERY basic. It explains the very basics of audit but does not provide any real-life examples or experience.

An OK place to start, if you know nothing about IS auditing.

par Thijs D

27 mars 2021

Poor presentation skills and grammar. Bad sound on video 4.8. Exams are of higher level than course itself, that made it challenging.

par Tadele L

29 nov. 2022

ISACA Outlines Five Steps to Planning an Effective IS Audit Program 

ISACA Outlines Five Steps to Planning an Effective IS Audit Program (Source: ISACA)

Rolling Meadows, IL, USA (31 March 2016)—A new report from global IT association ISACA identifies five steps organizations should take to create an effective audit program and reap the benefits of a successful information systems (IS) audit.

IS audits help enterprises ensure the effective, efficient, secure and reliable operation of the information technology that is critical to organizational success. The effectiveness of the audit depends largely on the quality of the audit program, according to a new ISACA white paper, titled Information Systems Auditing Tools and Techniques: Creating Audit Programs.

According to the guide, the audit process consists of three phases: planning, fieldwork/documentation and reporting/follow-up. The planning phase consists of five key steps.

1.    Determine audit subject.

2.    Define audit objective.

3.    Set audit scope.

4.    Perform pre-audit planning.

5.    Determine audit procedures and steps for data gathering.

“ISACA’s new white paper provides audit and assurance professionals with practical guidance on how to develop audit programs from the ground up,” said Rosemary M. Amato, CMA, CISA,  a director on ISACA’s Board, and Director, Deloitte Accountant B.V. “Audit processes are clearly defined by phase with activities clearly described. ISACA’s new guide can be leveraged in your organization to add value to the audit function.”

Setting the audit scope is critical, according to the white paper, because “the IS auditor will need to understand the IT environment and its components to identify the resources that will be required to conduct a comprehensive evaluation.” A clear scope helps the auditor determine the testing points relevant to the audit’s objective.

Pre-audit planning includes tasks such as conducting a risk assessment, identifying regulatory compliance requirements and determining the resources that will be needed to perform the audit.

The final planning step—determining audit procedures and steps for data gathering—involves activities such as obtaining departmental policies for review, developing methodology to test and verify controls, and developing test scripts plus criteria to evaluate the test.

Once planning is complete, auditors can move on to the fieldwork and documentation phase (acquiring data, testing controls, issue discovery and validation, documenting results) and the reporting phase (gathering report requirements, drafting the report, issuing the report and follow-up), both of which are described in detail in ISACA’s Information Systems Auditing Tools and Techniques: IS Audit Reporting paper.

“Creating Audit Programs” indicates three key success elements: IS auditors should be familiar with standard frameworks, the operating environment of the entity under review and the audit process used internally.

“Creating Audit Programs” and supporting materials, including a related infographic and sample audit program, are available as a free download at



ISACA ( helps global professionals lead, adapt and assure trust in an evolving digital world by offering innovative and world-class knowledge, standards, networking, credentialing and career development. Established in 1969, ISACA is a global nonprofit association of 140,000 professionals in 180 countries. ISACA also offers the Cybersecurity Nexus (CSX), a holistic cybersecurity resource, and COBIT, a business framework to govern enterprise technology.

Twitter: LinkedIn:



Kristen Kessinger, +1.847.660.5512, news@isaca.orgJoanne Duffer, +1.847.660.5564,                           Jay Schwab, +1.847.660.5693


par Gyana R R

3 oct. 2021

This is excellent course I will recommend to the professionals working in the field of Fraud investigation , forensic investigation and Audit to learn this course.

It will help them to sharpen their knowledge and built them industry ready for investigating the new age digital frauds, Payment Bank frauds, E- banking System frauds, Virtual banking Frauds, AI systems frauds . It also help to analysis's and identifying the potential risks in the information system of the organization. The IS Auditor also advice the senior management to put preventive and adaptive controls in the information systems of the organizations.

Best Regards,

Gyana Ranjan Rath- FAFE & IS Auditor

12+ year experience in the filed of Fraud investigation & reporting

par Tanmayee P

6 juin 2021

Thank you Mr. Dias for the thorough and interesting lectures on IS auditing and controls. I gained knowledge in the areas of IS change management controls, SDLC and IS Risk management controls. I loved the instructor's enthusiasm and interest to teach the students almost every important aspect of IS audit. I wish the course had few case studies so as to see how is an audit report prepared and some more material on "Incident reporting". "Business Continuity Management", "Disaster Recovery Management" etc. However, I felt the course is designed really well. I didn't lose interest or grasp. The examples provided by Mr. Dias were very appropriate and accurate.

par Shahab U A

19 janv. 2022

The instructor was very keen to the audience who started at the very initial level of the course which the newly person who just started career in IT side know the base and foundations about what is IS audit and she explained it very well. His honesty was showing when he delivered all his knowledge to the students as well as the interview was very helpful to understand what's current happening in IT environment. I am very grateful to be a part of this course and especially for Prof. Dias. Many good wishes to him for doing the fantastic job.

par seng c T

2 nov. 2021

Extremely useful to revise and being reinforced on the salient IS audit, control and assurance elements and focus areas. The section covering future trends and insights on disruptive trends (already happening and pervasive) are well summarised and remind us on the ever changing landscapes and its associated risks and threat landscapes which the IT/IS audit profession have to catch up with the automated tools, and updating frameworks, standards, guidelines and industry best practices. A well taught course worth recommending. Thank you!

par Brayden C

9 janv. 2023

Information systems (IS) are valuable assets to businesses and are present in our daily lives.

With the latest IS technologies such as Big Data, FinTech, and Virtual Banks emerging, the public is becoming more concerned about how firms maintain system integrity, such as data privacy, information security, and compliance with government requirements. Organizational management must also be confident that systems perform as planned. IT auditors play a critical role in dealing with these concerns.

par Tuyishime B

11 sept. 2021

The course was very helpful, easy to learn but requires to give enough time,

It was a perfect match with my background education, it was just like unbelievable to be with Prof. Dias, good ideas, well prepared explanation and the last part about fintech was absolutely fantastic.

Behind every successful business, there is a strong IT Auditor/Advisor, stated by me @thx to Prof. Dias@Information Systems Auditing, Controls and Assurance.

par Sharada N

8 oct. 2020

Very well explained on IS Audit by Prof. Dias. What I loved about the course is it has given me a better understanding about the purpose of undertaking IS Audit. Not only exams are aligned to real life scenarios, but they give insights about various concepts and terminologies for better understanding of all tasks done relating to IS audit. Be it different controls or change management.

Thank you, professor for all the insights.

par Prathamesh S K

17 juin 2022

The course is a brilliant starter course for someone who wants to know what is IT/IS Auditing and understand the basics/foundation of the terms that are used in the same. It also has description on SDLC, which could have been reduced and instead can put more on Controls and Audits examples. But overall its a great course and can be definitely opted if you want to get into Information Systems Auditing and Assurance.


12 nov. 2021

Well-run course. Allows you to understand the basic principles of IS auditing. Very useful. Very well put together, clear course. Relevant exercises. Good distribution of points. Interesting, on the other hand a little too much material. Very well presented, PowerPoint helps to assimilate the material. Before class I was not particularly motivated and I found myself really enjoying the course.

par Linda C

31 janv. 2021

The information System (IS) Auditing, Control and Assurance course has provided me a better understanding about the role of IS auditor. This short course equips me with basic knowledge on IS Audit: role of IS auditor, risks in IS, how to mitigate risks by proper IS control, how to maintain and improve system’s integrity, efficacy and effectiveness to achieve the organisation's goals.

par Jeorge R L

13 sept. 2020

This course serves as an appropriate primer to someone who wants to learn about IS audit. I have learned a lot from this course. The topics are well discussed by Prof. Dias, with detailed explanations and very good examples that even a person without an IT background can understand. I would to thank The Hongkong University for putting this one up. More power also to Prof Dias! =)

par Syed Z

3 janv. 2021

It's an excellent beginner level course. Looking forward to more advanced level course in IS auditing. It will be great to have a course with some case studies of a few industries, taking the students through the whole audit process from start to finish which includes the current technologies used in auditing, generating audit reports and recommendations, etc.

par Amanpreet s

16 août 2020

A really great course to kickstart your career in the field of IS/IT Auditing. Even for learning and just for the sake of up-skilling, this course is highly recommended. Request you to please put in Sarbanes Oxley Compliance with IS/IT Auditing to provide the learners gain better insights about the SOX Compliance and IS Auditing. Overall, a great experience.