A typical computerised environment constitutes three independent but separate components Software, Hardware and Data The Risks broadly lead to Incorrect decision-making leading to setback to business Interruption in activities due to loss of data, hardware, software, People ware. Violation of Privacy Direct Financial loss due to computer frauds.
The objective of Computer Auditing is: Assets safeguarding Preserving data integrity Achieving system efficiency
Risk prone components in computerised systems Errors and omissions in data and software Unauthorised disclosure of confidential information Computer abuse and mis-utilisation of banks assets
Effective Control Mechanism in computerised environment Preventive Detective Corrective Scope of System Audit is : Review of operations to establish compliance Review of the adequacy of procedures and controls Integrity review focused at fraud detection/prevention of IT system Audit Trail Is a chronological record of all events occurring in a system. Legal Framework for Electronic Transactions Consequent upon the recognition given to the electronic records, electronic documents and electronic signatures, incidental amendments have also been made in the following acts: The Indian Penal Code, 1860 The Indian Evidence Act, 1872 The Bankers’ Books Evidence Act, 1891 The Reserve Bank Of India Act 1934