This assessment is designed to assess students’ ability to apply theoretical learning to practical, real world situations. In this assessment students are given an IT audit report conducted by the office of the New South Wales Auditor General and asked to do the followings

/in /by

Assessment 2: Report
Due date: Week 5
Group/individual: Individual
Word count / Time provided: 2500
Weighting: 30%
Unit Learning Outcomes: ULO-1, ULO-2, ULO-3, ULO-4, ULO-5, ULO-6, ULO-7
Course Learning Outcomes: CLO-1, CLO-6, CLO-8, CLO-9
Assessment Details:
This assessment is designed to assess students’ ability to apply theoretical learning to practical, real world
situations. In this assessment students are given an IT audit report conducted by the office of the New South
Wales Auditor General and asked to do the followings:
• Identify the audit focus and scope
• Describe high risk IT issues in the NSW city councils
• Describe audit findings related to IT governance in the NSW city councils
• Describe audit findings related to IT general controls in the NSW city councils
• Describe audit findings related to cyber security management in the NSW city councils
• Highlight the professional, legal, and ethical responsibilities of an IT auditor.
In completing this assessment successfully, you will be able to learn how to analyse an IT audit report, learn
4/1/2021 [In Process] 63928 – Assessment 2: ReportDue date: Week 5Group/individual:
https://www.australiabesttutors.com/Recent_Question/63928/Assessment-2-ReportDue-date-Week-5Group-individual 3/5
relevant legislation, generally accepted auditing standards and ISACA’s CORBIT framework, which will help
in achieving ULO1, ULO-2, ULO-3, ULO-4, ULO-5, ULO-6, and ULO-7.
Marking Criteria and Rubric: The assessment will be marked out of 100 and will be weighted 30% of the
total unit mark
Marking Criteria Not satisfactory
(0-49%) of the criterion mark) Satisfactory
(50-64%) of the criterion mark Good
(65-74%) of the criterion mark Very Good
(75-84%) of the criterion mark Excellent
(85-100%) of the criterion mark
Identify the audit focus and scope of the given audit report
(10 marks)
Inadequate identification of audit focus and scope from the report Basic level identification of audit focus and
scope from the report Moderate level identification of audit focus and scope from the report Accurate and
detailed identification of audit focus and
scope Displays exceptional level identification of audit focus and
scope
Describe high risk
IT issues in the
NSW city councils
(20 marks)
Inadequate description of the high risk IT issues Basic description of the high risk IT issues Moderate level
description of the high risk IT issues Accurate and detailed description of the high risk IT issues Displays
exceptional level description of the high risk IT issues
Describe audit findings related to IT governance in the NSW city councils (20 marks)
Inadequate description of the findings related to
IT governance Basic description of the findings related to IT governance Moderate level description of the
findings related to
IT governance Accurate and detailed description of the findings related to
IT governance Displays exceptional level description of the findings related to
IT governance
Describe audit findings related to IT general controls in the NSW city councils
(20 marks)
Inadequate description of the findings related to IT general controls Basic description of the findings related
to IT general controls Moderate level description of the findings related to IT general controls Accurate and
detailed description of the findings related to IT general controls Displays exceptional level description of the
findings related to IT general controls
Describe audit findings related to cyber security management in the NSW city councils (20 marks)
Inadequate description of the findings related to
cyber security management Basic description of the findings related to cyber security
management Moderate level description of the findings related to
cyber security management Accurate and detailed description of the findings related to
cyber security management Displays exceptional level description of the findings related to
cyber security management
Describe and discuss the professional, legal, and ethical responsibilities of an IT Auditor
(10 marks)
Inadequate understanding of the professional, legal, and ethical responsibilities of an IT Auditor; cannot
discuss concepts in own words. Basic knowledge of the professional, legal, and ethical responsibilities of an
IT Auditor. Exhibits breadth and depth of understanding of the professional, legal, and ethical responsibilities
of an IT Auditor. Exhibits accurate and detailed breadth and depth of understanding professional, legal, and
ethical responsibilities of an IT Auditor. Displays exceptional understanding of concepts and their practical
application of the professional, legal, and ethical responsibilities of an IT Auditor