Section outline

  • General

    Collapse all Expand all
    • Announcements Forum

      Welcome to the Information Security and Auditing Class. Information technology (IT) has inspired the reengineering of traditional business operations. As global networks expand the interconnection of the world, the smooth operation of communication and computing systems becomes vital. The immediate need for organizations to protect critical information continues to increase. IT advances have introduced new risks that require unique internal controls and also have had great influences on auditing.

       IS Auditing examines information systems in order to provide valuable information about the operations and security of information and information systems. This course will additionally give the learner essential information in order to conduct information systems audits. It exposes the learner to the different IT governance, acquisition reporting and compliance.

      In this class, we shall have a look at both Information Security and Information Systems Auditing. We hope to interest some of our learner to take this area as their career path. The class will be facilitated by Dr. Samali V. Mlay, Mr. Samuel Ssendi and Ms. Stella Kyalimpa. Enjoy the class.

    • ISA Course Outline File

      Please receive the course outline that will guide this class.

    • LIVE VIRTUAL ONLINE CLASS External tool
    • TAKE HOME ASSIGNMENT-27 SEPT 2024 TO 27 OCT 2024
      Opened: Friday, 27 September 2024, 12:00 AM
      Due: Sunday, 27 October 2024, 12:00 AM
    • BBC2 - BUC2103 - ISA COURSEWORK EXAMINATION RESULTS AY24-25 File
      191.0 KB · Uploaded 25/11/24, 08:18

  • Topic 1 - Introduction to Information Security

  • Topic 2: Information Security Threats, Risks and Cyber Crimes

    • Information Security Threats and Risks File

      In this part of topic 2, we shall cover;

      1.      Information security Threats

      • Types
      • Mitigation strategies

       2.      Information Security Risks

      • Types
      • Mitigation strategies

    • Topic 2.2_Overview of Cyber Security File

      This part of topic 2 will introduce us to an overview of cyber crime. It will cover; 

      • Cyber security terminologies
      • Types of cyber attackers
      • Cyber security increasing threat landscape
      • Cyber terrorism Vs. Cyber warfare
      • Critical IT and National Critical Infrastructure
      • Case studies

    • Topic 2.2_Cyber Crimes File

      This last part of Topic 3 will enable us dig into the various categories of cybercrime. Specifically we shall delve into the following;

      • Cybercrimes targeting Computer systems
      • Cybercrimes targeting Mobiles
      • Online scams and frauds
      • Social Media Scams and Frauds
      • Social Engineering attacks
      • Case studies
      You are encouraged to search for more in order to protect yourself against cybercrime.

    • How the Greatest Hacker Manipulated Everyone URL

      This video will give you a glimpse into Kevin David Mitnick's life journey as an Expert Hacker who later became a Security Expert. He is renown as the Greatest Hacker in the World.

    • Cybercrime testimonies Forum

      For learning purposes, share here the various forms of cybercrime that you or someone you know have experienced. Additionally, share the lessons learnt from the cyber crime and advise on how to protect ourselves against them.

  • Topic 3_Information Security Policy

    • Information Security Policy File

      Topic overview.

      Information security policy, policy definition and information security lifecycle.

      Types of Information security policies

      A structure and framework of compressive security

      Policy, policy infrastructure, policy design lifecycle and design processes, PDCA model,

      Security policy standards and practices-ISO27001, NIST Frameworks.

  • Topic 4_Security System Development Life Cycle

  • Topic 5_IT Governance and Management

    • Topic 5_IT Governance and Management File

      5.1 IT Governance

             i.         i. Principles of IT governance

            ii.        ii. Assessing the effectiveness of IT governance frameworks

           iii.        iii. IT Governance Auditing

       

      5.2 IT Management and Operations

             i.         i. Evaluating IT policies, procedures, and controls

            ii.         ii. Change management and configuration control

           iii.         iii. IT Management and Operations Auditing

  • Topic 6 - IS/IT Auditing concepts

  • Topic 7 - Information Systems Controls and Controls Objectives

  • Topic 8

  • Topic 9

  • Topic 10

  • COURSEWORK SECTION

    • ISA COURSEWORK TWO EXAMINATION AY24-25 Quiz
      Opened: Saturday, 26 October 2024, 8:00 AM
      Closed: Saturday, 26 October 2024, 9:12 AM

      MAKERERE UNIVERSITY BUSINESS SCHOOL

       

      COURSEWORK TWO EXAMINATION FOR THE DEGREE OF

      BACHELOR OF BUSINESS COMPUTING

      OF MAKERERE UNIVERSITY, ACADEMIC YEAR 2024/2025

       

      COURSE NAME:    INFORMATION SECURITY AND AUDITING

      YEAR OF STUDY: Three

      SEMESTER:           One

      COURSE CODE:    BUC3126                                   

      DATE:                    October 26, 2024                       

      TIME:                     8.00am – 9.00am

       

      INSTRUCTIONS:

      1.     The Examination is comprised of 50 Random questions; Choose the most correct response.

      2.     All questions are COMPULSORY and therefore MUST be attempted by all students directly on the MUBSEP platform

      3.     The exam duration is 1 hour.

       

      We wish you success

       

  • Topic 12