The IS Audit is an integral component of a discerning bank’s pursuit of robust IT security and actionable oversight. Solid corporate governance requires that banks regularly undergo these audits of their IT security and infrastructure. By using our customized tools, expert resources, and proven methodologies, we tailor our IT audit services to your specific needs. Our experienced professionals bring a deep understanding of Internal Information System Audits, Application Control, and Security Services, as well as Pre- and Post-Implementation Reviews of your IT infrastructure.
Information System Audits (commonly known as IS Audits) help management to understand the risks associated with the Information System function within an organization. With the widespread adoption of technology by the Banks, technology-related risks to the banking environment have increased. This change demands the need for developing Internal Control Frameworks that address the IT controls.
ValueMentor offers the IS audit service specifically addressing the RBI requirements towards Information System (IS) Audits. To ensure compliance with the RBI IS Audit guidelines, our process incorporates the scoping guidelines from the Reserve Bank of India. According to the Reserve Bank of India (RBI) Guidelines, an IS Audit should cover the following scope:
- Determining effectiveness of planning and oversight of IT activities
- Evaluating adequacy of operating processes and internal controls
- Determining adequacy of enterprise-wide compliance efforts, related to IT policies and internal control procedures
- Identifying areas with deficient internal controls, recommend corrective action to address deficiencies and follow-up, to ensure that the management effectively implements the required actions
ValueMentor Consulting, in compliance with the RBI guidelines, offers a wide range of services to the Banking industry including the IS Audits. Our auditors hold certifications such as CISA and CISSP as required as per RBI Guidelines.
Our audit results in providing an independent report to the management about the assurance status with regard to the integrity and effectiveness of systems and controls. Our auditors ensure the “Independence” required and practices “Due Professional Care” needed for a successful audit.
Our IT assurance professionals have many years of IT control and audit experience which is complemented by professional accreditations, such as
- Certified Information Systems Auditor (CISA),
- Certified Information System Security Professional (CISSP)
- Certified in Risk & Information System Controls (CRISC), and
- Certified Information Security Manager (CISM) and
affiliations, including membership in the Information Systems Auditing and Control Association (ISACA).