Checklists for IS AuditCommittee on Computer Audit
RBI, DBS, CO2
questionnaires were sent to all the banks eliciting information on the nature of theInformation Technology (IT) management function, IT risk management and EDP auditsystems, EDP audit methodology etc. The analysis revealed that the system of computer auditin banks is still in the developmental stage. A range of policy approaches has been reported inregard to the conduct of EDP audit by banks. It was observed that in respect of 50 percent of banks, the policy on IT risk management and EDP audit were not duly documented. Inrespect of many banks even availability of EDP inspection manuals was not ensured. Theperiodicity for conducting such audits also was not uniform across banks. The practice inmost of the banks in India was to audit around the computer. Computer security issues didnot receive adequate Top Management attention. It was evident from the assessment that thecomputer audit in India had been still evolving and a major constraint encountered by banksis the general shortage of skilled technical personnel for the task. The findings of theassessment were put up to the Audit Sub-committee of the Board for Financial Supervision asper the Board’s direction.1.4The Audit Sub-committee decided that a small committee comprising representativesof RBI, ICAI, SBI, a foreign bank and a new private sector bank may be constituted to drawupon a check list in a standardised form so that all the banks operating in the country canensure that their computerized branches are applying requisite controls in the computerizedenvironment and the branch auditors also verify the same and report accordingly.Accordingly, a committee was constituted with Shri A.L.Narasimhan, Chief GeneralManager-in-Charge, Department of Banking Supervision, Central Office as the Convener.The composition of this Committee is as follows:1Shri A.L.Narasimhan,ConvenerConvener,Chief General Manager-in-Charge,Department of Banking Supervision, CO,Mumbai 400 0052Shri Ashok Kumar Chandak/ Shri R.Bupathy
,MemberVice President,The Institute of Chartered Accountants of India,Indraprastha Marg,New Delhi 110 002.3Shri S.Santhanakrishnan,MemberChairman, Committee on Information Technology,The Institute of Chartered Accountants of India,Indraprastha Marg,New Delhi 110 002.4Shri S.N.Pattnaik,MemberGeneral Manager,State Bank of India,Inspection Department, Corporate Centre,
Shri Ashok Chandak was the Vice-President of ICAI when the Committee was formed. Shri R.Bupathysubstituted him as the member in the Committee consequent on his election as the new Vice-President.