The Hindu : RBI checklist for computer audit

Online edition of India's National Newspaper
Wednesday, Dec 25, 2002

Business

Business

RBI checklist for computer audit

MUMBAI DEC. 24. A Reserve Bank of India-constituted sub-committee has prepared a standardised checklist to facilitate conduct of computer audit in banks.

The group chaired by A. L. Narasimhan has classified areas of risk in the information system (IS) environment in 15 categories — business strategy, long term IT strategy, short range IT plans, IS security policy, implementation of security policy and IS audit guidelines, the RBI said in a release today.

The other areas are acquisition and implementation of packaged software, development of software, physical, operating and application system controls, database controls, network management, maintenance and internet banking, it said.

These checklists would only be in the nature of guidelines and banks would be free to have more elaborate checklists to conduct IS audit suitable to the IT environment in which they operate and propose to operate, it added.

Some aspects in the checklists are whether the business strategy is documented and the business objectives have been defined and if the role of IT has been clearly spelt out; whether IT issues as well as opportunities are adequately assessed and reflected in the organisation's strategy, and long term and short term plans.

Whether assessments are made periodically by the bank to ensure that IT initiatives are supporting the organisation's mission and goals and whether major developments in technology are assessed for their impact on the strategy and if necessary corrective steps have been taken where needed, are some of the other aspects of the checklist, the release said.

PTI

Printer friendly page
Send this article to Friends by E-Mail

Business