1. Abstract
 (A 150-word description about the course)

Information security has become more and more important in today’s business world. From time to time there are threats and vulnerabilities facing us. This course has been designed to teach us the nature of such threats and vulnerabilities to information processes so that we can know our enemies and the related technical and managerial solutions for us to counteract with. Besides, through learning the key activities and techniques in performing risk management and information systems control we can know ourselves. To make sure the technical controls and management controls are well designed and functioning properly, role of information systems audit is explained in enhancing asset safeguarding, data integrity, system effectiveness and system efficiency. The other goal of this course is to prepare students in achieving professional qualification as Certified Information Systems Auditor (CISA).