Comments
The Reserve Bank of India plans to get its information systems and technology audited by reputed firms. It has called for ‘expression of interest’ from reputed professional firms that have the capacity to conduct these reviews and make appropriate recommendations.
Broad areas identified for the information systems/information technology audit are as below:-
(a) Periodical onsite IT control assessments/evaluations/reviews
(b) Special reviews/ scrutinies
(c) Audit of IT projects at design and/or pre-implementation stage
(d) Performing post-implementation reviews/audits of IT projects
(e)Taking up application software audits/reviews, including Web applications and
associated infrastructure
(f) Conducting security audit of IT infrastructure in the regional offices & central office departments/data centres
Review of IS/IT Policies (including information security policy/policies), processes, procedures and IT/IS controls for their adequacy and effectiveness vis--à-vis frameworks/standards such as COBIT, COSO, ITIL, ISO 27001.
‘IS/IT audit’ may involve a combination of domains, including information technology governance, risk management, access controls, network security, vulnerability assessment, IT operations, cyber crime, IT outsourcing, and business continuity.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.