IS or IT Audit is “the process of collecting and evaluating evidence to determine whether an Information system is secure and whether the security measures implemented in the Banks safeguard its assets, maintain data integrity, allow organizational goals to be achieved effectively, and use resources efficiently.”
Vulnerabilities in the Bank’s Information System includes:
• Improper system/network design, • Programming errors, weak or inadequate physical/logical access controls • Absence of or poorly designed procedural controls • Lack of backup/contingency procedures • Ineffective employee supervision, and management controls
Cyber security is critical for every business, especially banks. Financial institutions hold important data that may be siphoned off for indulging in fraud or various other criminal activities.
Security measures are therefore indispensable for Banks. Such measures should be designed in a manner to detect and prevent attempts to steal consumer data.
IS Audit For Banking
Primary Objectives of Audit
Examining the system of internal checks.
Checking arithmetical accuracy of books of accounts, verifying posting, casting, balancing, etc.
Verifying the authenticity and validity of transactions.
Checking the proper distinction between capital and revenue nature of transactions.
Confirming the existence and value of assets and liabilities.