Education

Syllabus - Scheme of Study -2018

Managerial Level-1


(M3) MANAGEMENT INFORMATION SYSTEMS

PART - A WEIGHTAGE 50%
Information Systems (Is)
1. Emerging Technology in E-Business
• Definition of the EDI, E-Business and E-Commerce,
• E-Business Models (B2B, B2C, B2E. B2G, G2C & C2C),
• E-commerce Architecture, E-Commerce Risks,
• Advantages of E-commerce for businesses,
• E-Business Software (SCM. ERP & CRM).
2. Infrastructure and Operations
• Management of IS Operations,
• IT Service Management
• Change Management Process,
• Computer Hardware Components and Architectures,
• Capacity Management
• Operating Systems,
• Network Architecture (LAN,WAN & Wireless.)
3. Information and Databases
• What is a data-base?
• Data modelling;
• Types of databases;
• The roles of a data-base management system;
• Data as a resource;
• Importance of models.
• Information systems categories;
• Office automation systems;
• Communication systems;
• Decision support systems;
• Enterprise systems;
• Limitations
• Uses of information systems categories
4. Systems Acquisition I Development Process
• Approaches (Waterfall, spiral, interactive, prototyping),
• Phases of SDLC (Investigation and feasibility study),
• Requirements analysis and initial design.
• Detailed design specification/ documentation.
• System installation/ implementation & maintenance),
• Project Management.
• Project planning.
• Project control methods and standards
PART - B WEIGHTAGE 50%
IT Audit
5. The Process of Auditing Information Systems
• Audit Mission and planning,
• Role and responsibilities of Internal. external and IT Auditors,
• risk assessment and analysis.
• risk based audit approach,
• compliance and substantive testing,
• internal Controls and their types, objectives and procedures.
• Performing an IT audit,
• CAATs,
• Control self assessment.
6. Governance and Management of IT
• Corporate and IT Governance,
• IT Governance Frameworks,
• Roles and responsibilities of senior management
• Steering committee & chief information officer,
• Policies and procedures,
• Human resource management
• Sourcing practices,
• Change management
• IS roles and Responsibilities,
• Segregation of duties and controls within IS
• Auditing IT Governance structure and implementations
7. Auditing Infrastructure and Operations
• Hardware review;
• Operating systems reviews;
• Data-base local area network, network operating,
• Control, information system operations reviews,
• Lights out operations,
• Application controls and their objectives,
• File creation,
• Data conversion;
• Input and output
• Problem management reporting reviews,
• Hardware availability
• Utilizing reporting reviews, scheduling reviews.
8. Auditing Systems Acquisition / Development Process
• Risk of inadequate system development life cycle (SDLC) and review of development procedures and methodologies,
• Review of acquisition process for outsourcing,
• Information system maintenance practices
• Change management
• Library control software, review of the practice of project management tools and techniques
9. Information Security Management (ISM)
• Importance of ISM,
• Understanding of Facilities (Data centres, outsourced facilities, Storage, media libraries, backup vaults, UPS & Disaster recovery sites),
• Antivirus Software implementation Strategies),
• Program and data security techniques,
• Monitoring and surveillance techniques,
• Environment Controls
• Smoke detectors,
• Fire Suppression Access management controls,
• Physical design and access controls,
• Logical access controls (user authorization matrix & Password managements / password change procedures).
• Network security (encryption, firewalls System and Humidity / Temperature),
• Media Sanitization.
• Auditing Information Security Management
10. Business Continuity and Disaster Recovery
• Defining a Disaster,
• BCP and DRP.
• BCP Process.
• Business Continuity Policy and Planning
• Incident Management
• Business Impact Analysis,
• Development of BCP.
• Insurance,
• Plan Testing
• Auditing Business Continuity