Is Audit Training Needs for the 21ST Century: A Selected Assessment
暂无分享,去创建一个
This paper explores the training needs of a selected population of Information Technology professionals, the information systems auditor. Through an electronic survey, information has been gathered about the training needs and priorities and resources of this field. This survey could not possibly canvas the needs of the entire community of Information Systems Audit, Control and Security Professionals who span many disciplines and professional societies. It does provide some information about their training needs, priorities and resources. The survey has gathered information from practicing professionals from the Big 5 Firms, private sector, consulting and government. Respondents of this survey came from not only the US, but Europe, Australia and Asia/Pacific Rim as well. The results of this paper show the level and areas of need in information audit, control and security education. It provides a baseline for other surveys to be initiated within geographic areas. Universities, working in partnership with industry, government and professional associations can help identify such training needs and in turn, offer coursework or certificate programs to help develop the information systems audit, control and security professional of the present and future. With President Clinton's recent support to place Computer Security at the top of the nation's priority list, and the movement of a number of professional associations to recognize the need for continued training in this field as well as inclusion of questions relating to this field in their professional certification examinations has provide an incentive for University programs to provide educational resources to this area. The Information Systems Audit and Control Association has published its Model Curriculum for Information Systems Audit Education at the Undergraduate and Graduate level in May 1998. The National Colloquium of Information Systems Security Education was created in 1997 to provide a forum for leading figures in government, industry and academia to work in partnership to define current and emerging requirements for Information Systems Security Education. Many more professional associations worldwide have made similar announcements in an effort to improve the education of Information Security, Audit and Control.
[1] James Guthrie,et al. Older Dogs and New Tricks: Career Stage and Self-Assessed Need for Training , 1996 .
[2] Frederick Gallegos,et al. Information Technology Control and Audit , 2000 .