Indian banks’ business processes are undergoing a paradigm shift as they become more dependent on IT. IT has evolved from supporting functions to process controllers and continues to evolve to form the foundation of business operations.
The use of technology has not only enabled banks to operate efficiently but has also provided flexibility in the services provided. Gone are the days of fixed banking hours, banking services are available 24/7 via ATM networks and internet banking. Improved productivity. It won’t be long before the vision of the “bank customer” becomes a reality and Bill Gates’ statement is realized.
But as technology was introduced, new risks and liabilities were introduced into the system. Viruses, hackers and fraud threats are often detected. It’s not uncommon for power outages to cause services to become unavailable, resulting in computer outages.
There are various reasons for these problems. Lack of process re-engineering through the use of technology, failure to respond to changes in control structures, lack of awareness and training, dependence on vendors and, most importantly, lack of proper auditing of information systems. The purpose of this article is to describe the broad structure of information systems and a technology review of Indian banking.
What is the difference between an information security audit and a financial audit?
Automating systems using information technology has its own strengths and weaknesses, leading financial audit services to look and dive into information systems auditing as a tool that provides a shell for maximizing profits and avoiding shortcomings. I was. However, information systems audits are different from financial audits and other types of audits.
The main difference is in approach. A financial audit is a post-mortem activity. Check transactions that pass through the system during a predefined time period. For example B. From the last audit to the date of the current audit, or from his April 1st to his March 31st of the previous fiscal year. It focuses on transaction effectiveness based on a set of predefined transaction processing business rules. In other words, check the past process up to this point. Information systems audits focus on the business process controls enforced by technology and their impact on current and future transactions. Accounting audits focus on “monetary transactions,” while information system audits focus on the transaction process. Example: Financial audits look at customer account balances to understand if the value received is correct. Information systems audits focus on the balance sheet calculation process implemented by the software rather than the actual value. In other words, financial audits seek quantitative value, while information systems audits seek qualitative value.
Financial audits can ignore technology. Treat the technology as a black box, checking inputs and outputs for known consistency. (also known as “Around the Computer Audit”). Information system auditing is not possible without considering technology.
Types of Bank Audits
There are different types of bank audits, such as risk-based internal audits, financial and tax audits, equity audits, credit checks, RBI checks, system checks, forensic checks, concurrent checks, quick checks, and foreign exchange checks.
- Risk-based internal audit provides senior management and the board of directors with reasonable assurance about the effectiveness and adequacy of the risk management and control framework for the operations of the financial institution.
- Statutory audits are conducted by statutes or by auditors appointed by law to ensure that the accounts presented to various regulators and the public are fair.
- Credit checks can reveal gaps in loan processing and authorization, as well as monitoring loan accounts and inaccurate records.
- According to the bank’s stock audit policy, the bank’s external auditors shall inspect assets charged to the bank once or twice a year as desired by the bank.
- A forensic audit examines a company’s financial records to derive evidence from them and use it in a court of legal proceedings.
- The forensic auditor’s report can help prosecute the parties involved in embezzlement, fraud, or other financial misappropriations.
There are many other types of audits besides those mentioned above. Bank audits reveal violations of various financial institution rules and regulations, as well as failures to comply with financial institution policies. Bank examiners look for the most important topics to create successful proposals. Your findings will be documented by the bank and put on file.
Avoid compromising your valuable data & by ensuring cyber policy procedure are in place with our Information Security Audit Services. Get connected with our consultant now
