Page 262 - CA Final Audit Titanium Full Book. (With Cover Pages)
P. 262
CA Ravi Taori
Consider Going Concern:
Consideration: Evaluate events and conditions that might significantly question the bank's ability to continue
as a going concern.
(CNO-BA.180) Stage V: Reporting
Discussed Later in the Chapter.
(CNO-BA.200) Special Considerations in IT Environment
Auditor should collect following information.
1. IT Structure, Policy, and Environment: Bank’s IT policy & structure
2. Data Management:
- Data processing & interfaces
- Data integrity & security
3. Accounting and Financial Controls:
- IT-involved accounting processes
- Key financial controls & e-banking recordings
4. Reporting and Analytics:
- Periodic MIS reports
- Exception report generation & logic
5. Business Continuity and Disaster Control: Continuity & disaster plans
Key Security Control Aspects (Shortcut DATA)
1. Data Integrity and Availability:
- Ensure data is authorised, accurate, and complete for processing.
- In case of interruptions, the system must restart without distorting records.
2. Authorization and Access Control:
- Prevent unauthorized amendments to programmes.
- Ensure “access controls” match staff responsibilities.
- Ensure proper access and authorisation rights for employees.
- Ensure duty segregation during system access and monitor user activities.
- Authenticate changes in user levels and parameters.
- Only authorised personnel can modify the account master and balance.
- All general ledger codes authorised by Head Office should exist in the system.
3. Transaction Monitoring and Verification:
- Manually calculated charges should be accounted for and authorised.
- Daily verification of exceptional transaction reports is crucial.
4. Account and Ledger Verification:
- Ensure general ledger balance aligns with subsidiary book balance.
(CNO-BA.220) Internal Audit and Inspection
1. Central Audit and Inspection Department: Central audit and inspection department in Banks is a
combination of centralized function with some level of decentralization which is usually headed by a Chief
Audit Executive.
1A. Responsible for RBIA: It is responsible for undertaking Risk-Based Internal Audit (RBIA) as per the
framework as stipulated by RBI.
1B. Identification of Branches and Auditors: It is also responsible for identification of branches for revenue
audit, appointment of concurrent auditors, deciding their scope, meeting the concurrent auditors, discussing
their issues, conducting trainings if needed, and review of work of concurrent auditors. The primary function is
to ensure that the audit function is handled smoothly, effectively & efficiently.
www.auditguru.in 14.6