JAIIB PPB Unit 35 - Security Considerations

A typical computerised environment constitutes three independent but separate components Software, Hardware and Data

The Risks broadly lead to

Incorrect decision-making leading to setback to business
Interruption in activities due to loss of data, hardware, software, Peopleware.
Violation of Privacy
Direct Financial loss due to computer frauds.

The objective of Computer Auditing is:

Assets safeguarding
Preserving data integrity
Achieving system efficiency

Risk prone components in computerised systems

Errors and omissions in data and software
Unauthorised disclosure of confidential information
Computer abuse and mis-utilisation of banks assets

Effective Control Mechanism in computerised environment

Preventive
Detective
Corrective

Scope of System Audit is

Review of operations to establish compliance
Review of the adequacy of procedures and controls
Integrity review focused at fraud detection/prevention of IT system
Audit Trail is a chronological record of all events occurring in a system.

Legal Framework for Electronic Transactions

Consequent upon the recognition given to the electronic records, electronic documents and electronic signatures, incidental amendments have also been made in the following acts:

The Indian Penal Code, 1860
The Indian Evidence Act, 1872
The Bankers’ Books Evidence Act, 1891
The Reserve Bank Of India Act 1934