Chienting Lin and Li-Chiou Chen. (2009). “Development of an Interdisciplinary Information Technology Auditing Program,” Proceedings of the 13th Colloquium for Information Systems Security Education, Seattle, WA, June 1-3, 2009. Paper
We have published a paper in the 2009 Colloquium for Information Systems Security Education. This paper provided an example of developing an interdisciplinary IT Auditing curriculum by mapping the CNSSI /NSTISSI standards with the prevailing ISACA IT Auditing Model Curriculum. IT Auditing involves assisting public or private organizations in ensuring that their information technologies and business systems are adequately protected and controlled. Consequently, IT Auditing professionals need to have a solid grounding in information technology, information assurance, auditing process, as well as regulatory and compliance frameworks. Through our standard mapping processes, we were able to discover the discrepancies between IA and Auditing and proceeded to redesign our current IA curriculum. Specifically, we have proposed a new IT Auditing course that addresses IT Auditing-specific topics, as part of an IT Auditing concentration in both undergraduate and graduate levels. Since CNSSI/NSTISSI standards have been mapped extensively to IA curriculum offered by the universities designated as NSA’s Centers of Academic Excellence in Information Assurance Education (CAEIAE), our mapping can provide CAEIAE universities with suggestions on how to enhance their current IA curriculum in order to train IT Auditing professionals.