Information System for Banks
Note : The book "Information System for Banks "consists of 19 chapters.This book is divided into seven modules consisting of: (i) Technology in Banks (ii) Technology – System, Development, Process, Implementation (iii) Continuity of business (iv) Overview of Legal Framework (v)Security and Controls Standards in Banking (vi) Security Policies, Procedures and Controls (vii) Information Security & IS Audit
Description
Increasing use of technology in banks has made dealings easier for customers and speeded up the operations. Meanwhile, there is a corresponding increase of risks in operations. Every bank should conduct Information Systems Audit (ISA) to minimize such risks.
Following RBI’s guidelines, a number of banks have put in place security policies, which among other things will determine the scope and periodicity of ISA. A number of banks prefer doing “ISA” internally. Even where banks engage third party IS Auditors, it may be preferable to have additional internal audit to tackle the issue of objective auditing. In order to conduct such internal auditing, it should be ensured that internal IS auditors are not part of IT team and have appropriate professional expertise by way of qualification and training. This will call for technically qualified personnel in the banking set-up and periodical skill building. Not only the auditors - both internal and external - but bankers in general should also be aware of the concerns of audit and initiate appropriate preventive measures. Middle and senior level officers working in banks should necessarily have a good appreciation of issues involved.
With these objectives and requirements, the Institute thought to publish a book which will be useful for: (i) the students enrolled for CeISB examination of the Institute and (ii) persons desiring to acquire, upgrade the knowledge on information technology of banks.
The book is divided into seven modules consisting of (i) Technology in Banks (ii) Technology - System, Development, Process, Implementation (iii) Continuity of Business (iv) Overview of Legal Framework(v) Security and Controls Standards in Banking (vi) Security Policies, Procedures and Controls (vii) Information Security & IS Audit.
It is hoped that the current volume of the book would help the reader:
- To develop functional expertise in the areas of system identification, development, implementation and designing.
- To develop expertise in computer security, implementation of threat prevention and detection systems, designing and testing risk mitigation strategies.
- To develop skills for objective assessment of information system control, information privacy and integrity.
- To study the tools that provide assurance in the system by measuring against four essential principles: availability, security, integrity and maintainability.
- To aid the bank management in developing sound information system audit, control and security functions by providing criteria for personnel selection and development.
- Primary emphasis of the book is still conceptual. Within the conceptual framework, there is a good coverage of analytical techniques. The book also gives information about the operational risks that the banks are facing, and how those risks are managed by appropriate measures.
Chapter No | Chapter name |
---|---|
MODULE: I | Technology in bank |
Chapter: 1 | Banking Environment and Technology |
Chapter: 2 | Overview of Processing Infrastructur |
Chapter: 3 | Accounting Information system |
Chapter: 4 | Information Organization and Management |
Chapter: 5 | Risk Associated with Technology in Banking |
Chapter: 6 | Audit Function and Technology |
MODULE: II | Technology – System, Development, Process, Implementation |
Chapter: 7 | Hardware Architecture |
Chapter: 8 | Software Platforms |
Chapter: 9 | System Development Life Cycle |
Chapter: 10 | Computer Networks |
Module: III | Community of Business |
Chapter: 11 | Business Continuity & Disaster Recovery Planning |
Module: IV | Overview of Legal Framework |
Chapter: 12 | Online Transactions - Concepts, Emerging Trends and Legal Implications |
Module: V | Security & Control Standard in Banking |
Chapter: 13 | Security |
Appendix: 1 | Oecd Guidelines for The Security of Information Systems |
Appendix: 2 | Generally-Accepted System Security Principles (GASSP) Version 2.0 |
Chapter: 14 | Control |
Module: VI | Securities Policies, Procedure and Controls |
Chapter: 15 | Development and Review of Security Policies and Control Standards |
Chapter: 16 | Compliance and Incident Handling |
Chapter: 17 | Network Security |
Module: VII | Information Security and is Audit |
Chapter: 18 | Information Security |
Chapter: 19 | IS Audit |
Annexure: A | Information Technology Acts, Standards & Guidelines |
Annexure: B | Glossary |
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
: Securities Policies, Procedure and Cont
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon
Will update soon