COMPETENCE APPROACH TO ACADEMIC AND PROFESSIONAL TRAINING OF AUDITORS OF INFORMATION SYSTEMS AND TECHNOLOGIES
Keywords:audit of information systems, professional competencies, business processes, infrastructure, maturity model
An analysis of the specifics of the formation of a set of of competencies formation for the system of academic and professional training of specialists in audit and monitoring of information systems and technologies is carried out. It is determined that the training system should be formed in accordance with the global system of service industry standardization and international requirements and standards. The essence of the competencies formation on the basis of American and European standards in the field of information systems and technologies is revealed. The hierarchical sequence of the implementation of the world system of standardization for audit and quality control of information systems and technologies functioning in order to determine requirements to competences of the auditor of information technologies is defined. Practical tasks of the process of obtaining objective, qualitative and quantitative assessments of the current state of information infrastructure in accordance with the defined criteria, requirements and quality indicators are highlighted. The main features of competencies, skills, knowledge of specialists in audit and monitoring of information systems and technologies formation are identified. Formation of basic academic and professional competencies of specialists in the audit of information systems and technologies on the basis of the domain educational model Competency Model Clearinghouse is presented. It has been created the competence model for formation of the set of knowledge, skills and abilities during organization and support of information systems and technologies audit, control and monitoring. Tasks and concept of specialists’ integral competence are defined. The list of academic and professional competences is formed, basic abilities and skills of specialists in information systems and technologies audit are defined as well. Classes and levels of competencies are determined, as well as correspondent to them positions in the field of audit of information systems and information technologies of the industry sector. Special attention is paid to the international generally oriented approaches to standardization of educational services and competencies levels in accordance with professional requirements to specialists in the field of information technology audit system. Basic levels of professional certification of information systems auditors, which should provide a high quality level of a wide range of services in the field of information technologies and information security, have been determined.
V. Bykov, Key factors and modern instruments of system of education development, vol 2. 1. 2007. [Online]. Available: https://journal.iitta.gov.ua/index.php/itlt/article/view/270/256. (in Ukrainian)
A. Dzhurylo, O. Shparyk, ІСТ competence for secondary school teachers and students in the context of education informatization: global experience and challenges for Ukraine, vol. 70, (2), 2019, рр.43-58. [Online]. Available: http://lib.iitta.gov.ua/716055/1/Dzhurylo_Shparyk_ICT_Competences.pdf. (in English)
V. Bykov et al., Fundamentals of Standardization of Information and Communication Competences in the Ukrainian Education System: Methodical Recommendations, Kyiv, Ukraine: Atika, 2010, 88р. (in Ukrainian)
Hinde David, “Prince2 Study Guide: 2017,” Update 2 nd Ed. — Sybex. 2018, 580 p. (in English)
D. S. Rychen, Laura H. Salganik, “Key Competencies for a Successful Life and Well-functioning Society,” Hogrefe Publishing; 1, Aufl. edition (March 3, 2015), 224 р. (in English)
Mary B. Curtis, Greg Jenkins, Jean Bedard, Donald R. Deis, Auditors' Training and Proficiency in Information Systems: A Research Synthesis, Journal of Information Systems 23(1),•March, 2009, рр.79-96. (in English)
David L. Cannon, Brian T. O'Hara, Allen Keele, CISA Certified Information Systems Auditor Study Guide, 4th Edition, 2016, 696p. (in English)
Primary elements of Total Quality Management (TQM), 2021. [Online]. Available. https://asq.org/quality-resources/total-quality-management. (in English)
Quality management systems, Standards ISO 9000:2015, ISTE – Quality management systems — Fundamentals and vocabulary, 2021. [Online]. Available: https://www.iso.org/.html. (in English)
Materials of the International Organization for Standardization ISO 10000, 2021. [Online]. Available: https://webstore.ansi.org/industry/quality-management/iso-10000-series. (in English)
International quality standard ISO 9001:2015, 2021. [Online]. Available: https://www.iso.org/obp/ui/#iso:std:iso:9001:ed-5:v1:en. (in English)
O.Yudin, O. Matviichuk-Yudina, The concept of forming professional competencies of specialists in informational technologies and cyber security, Science-based technologies, 3 (43), рр.330-343, 2019. (in Ukrainian)
Information technology, securityte chniques, information security management systems requirements ISO/IEC 27001, ISO, Geneva, 2005, 23р. (in English)
Information Systems Audit and Control Association, Standards ITAF-ISACA, 2021. [Online]. Available: http://www.isaca.org.ua/index.php/standards/itaf. (in English)
The Digital skills Standards, ICDL USA: (a non-profit initiative that provides ICDL certification programs), ICDL, Americas, 2020. [Online]. Available: https://icdl.org. (in English)
The ISTE Standards, International Society for Technology in Education. – 2020. – [Online]. Available: https://www.iste.org/standards/for-students (in English)
Strategies for Cyber Competition, Cyber Competitions, NICCS, 2021. [Online]. Available: https://niccs.us-cert.gov/formal-education/cyber-competitions (in English)
Strategies for Cyber Competition, Glossary of common Сyber security terms, 2021. [Online]. Available: https://niccs.us-cert.gov/glossary. (in English)
O.Yudin, R. Ziubina, O. Matviichuk-Yudina, The modern practices of implementation of the information security audit system on the critical infrastructure objects, Science-based technologies. 1, 2019, рр.36-43. (in English).
O. Yudin, Y. Boiko, R. Ziubina, V. Tverdokhleb, S. Beresina, Data Compression Based on Coding Methods with a Controlled Level of Quality Loss, 2019 IEEE International Conference on Advanced Trends in Information Theory, ATIT – Proceedings, 2019, pp. 22-27. (in English)
How to Cite
Copyright (c) 2021 Олена Василівна Матвійчук-Юдіна
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Authors who publish in this journal agree to the following terms:
- Authors hold copyright immediately after publication of their works and retain publishing rights without any restrictions.
- The copyright commencement date complies the publication date of the issue, where the article is included in.
- Authors grant the journal a right of the first publication of the work under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0) that allows others freely to read, download, copy and print submissions, search content and link to published articles, disseminate their full text and use them for any legitimate non-commercial purposes (i.e. educational or scientific) with the mandatory reference to the article’s authors and initial publication in this journal.
- Original published articles cannot be used by users (exept authors) for commercial purposes or distributed by third-party intermediary organizations for a fee.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) during the editorial process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (see this journal’s registered deposit policy at Sherpa/Romeo directory).
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Post-print (post-refereeing manuscript version) and publisher's PDF-version self-archiving is allowed.
- Archiving the pre-print (pre-refereeing manuscript version) not allowed.