INFORMATION SECURITY (IS) AUDIT

Amazon FinTech Solutions Pvt Ltd

 Who We are:
Amazon FinTech Solutions Pvt Ltd was founded by highly diversified
experienced Bankers, Technologists and Marketing professionals
What we do:
We provide Consultancy and Solutions in domains such as Banking
Technology, Information Systems Audit, ISO Audits, Information
Security products, Architecture Design, Process re-engineering, Risk-
Management solutions, Debt Collection Systems, Document
Management systems etc.

What our Vision is :

“Being most preferred Consultant and Technology partner providing
cost-effective transformational technology products and solutions”

Amazon FinTech Solutions Pvt. Ltd

 What is IS Audit

“It is the process of collecting and evaluating evidence to determine

whether a computer system (information system) safeguards assets,
maintains data integrity, achieves organizational goals effectively and
consumes resources efficiently.”

** As per ISACA (Information Systems Audit and Control Association)

Amazon FinTech Solutions Pvt. Ltd

 What is the purpose of IS Audit

“The purpose of IS audit is to review and provide feedback, assurances and

suggestions to the stakeholders”

** As per ISACA (Information Systems Audit and Control Association)

Amazon FinTech Solutions Pvt. Ltd

 Primary Focus of IS Audit
Availability: Will the information systems on which the business is heavily dependent be
available for the business at all times when required? Are the systems well protected against
all types of losses and disasters?

Confidentiality: Will the information in the systems be disclosed only to those who
have a need to see and use it and not to anyone else?

Integrity: Will the information provided by the systems always be accurate, reliable and
timely? What ensures that no unauthorized modification can be made to the data or the
software in the systems?

** As per ISACA (Information Systems Audit and Control Association)

Amazon FinTech Solutions Pvt. Ltd

 Broad –Level Scope of current Audit

 Physical and environmental review

 System administration review

 Application software review

 Network security review

 Business continuity review

 Data integrity review

Amazon FinTech Solutions Pvt. Ltd

 What is the frequency of IS audit

-RBI has mandated this to be conducted annually in Co-operative Banks

-Going ahead, with ever increasing risks and decreasing risk-appetite, it is necessary to
increase this frequency

-In medium and Large Banks there are permanent IS Audit teams to conduct audits regularly

Amazon FinTech Solutions Pvt. Ltd

 Detailed Scope
• Physical Controls
• Logical Control
• Application level securities
• Roles, Responsibilities and Segregation of duties
• Change Management
• Data Centre Audit
o Hardware
o Operating System
o Computing Environment

Amazon FinTech Solutions Pvt. Ltd

 Detailed Scope ( Contd…)
• Data Security
• Backup policies
• Engagement with External entities
• Software Licence Management
• Safety equipments
• Disaster Recovery Plans and Management

Amazon FinTech Solutions Pvt. Ltd

 R. Mani
Director & Co-Founder
Amazon FinTech Solutions Pvt. Ltd
r.mani@amazonfintech.com
Phone: +91 9821636062

CISA – Certified Information Systems Auditor

CRISC- Certified in Risk and Information Systems Control
ISO 27001:2013 Lead Auditor

Amazon FinTech Solutions Pvt. Ltd

 THANK YOU

Amazon FinTech Solutions Pvt. Ltd