Basic responsibilities of auditor in CBS [core banking solution] environment of the Banking Company?
Hello Sorry for late reply, was stuck with mumbai batch.
This topic is not covered in module and it is not covered in practice manual or RTP also, so i seriously dont think it will be targeted.
But still i got this from other ICAI publications
Audit of Core Banking Solution
Audit is the process of evaluating the adequacy of controls and also ensuring relevant application modules deal comprehensively with business process. The various aspects to be verified while performing the audit in the Core Banking Solution environment would be:
(a) Review of Security Policy
(b) Review of Business Continuity Planning & BCP policy
(c) Review of Systems Development and Change Management Procedures & process
(d) Network vulnerability Assessment of Effectiveness of Intrusion Detection Systems.
(e) Evaluation of controls in operating systems.
(f) Control in databases
When any of the services like software development, database management, network management are
outsourced, review of the service level agreement to ensure that confidentiality integrity and availability
are taken care of is extremely important. Service level agreements should provide for a systems
auditability clause. So that Banks will have the right to have systems audit conducted of the third party
(g) Testing of application modules of the Core Banking Solution.
(h) Review of Systems logs.
(i) Audit of Internet Banking, Audit of ATM and RTGS/ NEFT also need to be done and these have been
considered separately under their respective heads.
That means IS Audit of outsourcing activities should form part of IS Audit of Core Banking.