Learning Objective M08A-LO1: Explain essential control concepts and why a code of ethics and internal controls are important.

Learning Objective M08A-LO2: Explain the control objectives and components of the COSO internal control framework and the COSO enterprise risk management framework.

Learning Objective M08A-LO3: Describe the overall COBIT framework and its implications for IT governance.

Learning Objective M08A-LO4: Describe other governance frameworks related to information systems management and security.

Learning Objective M08B-LO1: Describe the risks related to information security and systems integrity.

Learning Objective M08B-LO2: Understand the concepts of encryption and authentication.

Learning Objective M08B-LO3: Describe computer fraud and misuse of AIS and corresponding risk-mitigation techniques.

Learning Objective M08B-LO4: Define vulnerabilities, and explain how to manage and assess them.

Learning Objective M08B-LO5: Explain issues in system availability.

Learning Objective M08B-LO6: Explain the concepts and issues in System and Organization Controls (SOC) reporting.

Learning Objective M08B-LO7: Describe the importance of disaster recovery and business continuity.

Learning Objective M08C-LO1: Understand the risks involved with computer hardware and software.

Learning Objective M08C-LO2: Understand and apply computer-assisted audit techniques.

Learning Objective M08C-LO3: Explain continuous monitoring and continuous audit in AIS.