Project of DISA 2.

0 Course CIT of ICAI

Security and Control Risk assessment of Toll Bridge operations

1. Introduction
ABC Toll Company is a Road Toll Bridge Authority set up as an autonomous company by the
Government of India. The company is responsible for managing the Bangalore-Hassan Toll Bridge.
Users of bridge have to pay toll charges as per the classification of vehicle. The bridge is expected to be
available for use on a 24 x 7 basis. The toll bridge collection system is completely automated and
collections are made through 8 toll centres at both sides of the bridge. The IT department of the company
has a business continuity plan. The senior management is concerned about the impact of failure of IT on
the continuous operations of the bridge. The Government wanted an independent assurance on the
integrity of the information processed to ensure there is no revenue leakage.

2. Background
As a CA with DISA certification, you have been approached you to conduct a IS audit to assess adequacy
of all BCP related controls, verify correctness and completion of transaction processing, identify areas of
weaknesses and suggest appropriate recommendations. The primary objective of this assignment is to
provide assurance to the management of ABC Company about the capability of the company to continue
its operations despite any unexpected disruptions or disasters and also provide assurance to the
Government about integrity of information processing using IT.

3. Auditee Environment
The company’s IT environment as related to bridge operations consists of a Mini-Computer with Windows
Server 2008 as operating system and Oracle as the Database. The Toll bridge application software is
developed by an external vendor in Oracle on a client server platform. This computer is connected to a
standby server with disk-mirroring facility and users are shifted instantly to the standby server in case the
main server is down. The PC network platform comprises of a Windows workstations which are installed
at each of the 8 Toll booths. There are 4 workstations kept as standby (2 each) at the East and West Toll
Plaza. Connectivity to the servers is provided through physical cabling from the toll booths to the toll
plaza. The toll booths have electrical power through a UPS with a battery backup of 2 hours and a
generator to provide power to the servers and computers. There are smoke detector alarms installed at
Toll plazas and toll booths. Fire extinguishers have been installed at the Toll plazas and toll booths. The
company has insured all the IT assets.

4. Overview of Business Processes

The Toll Application software captures 2 images of the vehicles (one at entry and one at exit from tool
booth). This can be used for the control and auditing of collection operations. The system has an
Auditing menu for verifying the images with the collections made by operators. This system upon
receiving a trigger from the Alarm Contact Closure triggers a specific camera related to the trigger. The
application software also gets inputs from the 8 cameras at the top of toll booths which capture and
automatically sends an output signal to the Quad Switcher, which feeds the camera image to the system
thereby capturing the image related to this data, and storing both data and image to the software. The
processing of toll at the tollbooth takes place sequentially is explained in the next page.

Private and Confidential (for use by participants of DISA 2 Course) Page 1

Project of DISA 2.0 Course CIT of ICAI

When a vehicle enters the lane the following takes place.

 The camera captures the image of the vehicle as it passes a specific point near the toll booth.
 The operator classifies the vehicle visually and selects the classification category of the vehicle.
 The correct monetary value is acquired and displayed to the operator.

The above is termed an Event and the event is stored in workstation and also transmitted to the Server.
This is done via a specific application trigger, which is allocated to that particular lane’s classification
buttons. After toll operator has collected the money, he presses the update key which validates the event
and opens the boom facilitating the vehicle to enter the bridge. This is also termed as an event and stored
in the database. The details of the event with its unique transaction id, date, time, image, classification
category, operator id and lane id are captured and sent to the server. The event is also stored as a
sequence to the Event from the classification button. In addition, an image of the vehicle exiting the lane
is captured and stored together with the relevant data.

Once the two Events namely, entry of Classification and pressing of Validation key have been received by
the application, this is recorded as a complete transaction. Should one of the Events, such as the
classification or validation not get triggered in allocated sequence (i.e. separately) the application
software stores this as a violation with the lane identifier. An image is also captured with the violation
information. All the toll collections are manually collected by the toll operators in cash and the computers
at the toll booth are physically connected to the server stored at the east plaza. The objective of toll
operations is to ensure 24 hours availability of bridge for toll users after collection of toll.

The Tollbooths at the East and West Plaza are the key control points where all toll users have to halt and
pay their toll charges. The computers at toll booths are used for controlling the collections, and provide
as the normal input points for the Application software. In case of non-availability of Computers at the toll
booths on account of any reason, the toll will be operated manually by the operators under the personal
supervision of the officers and all the collections are entered in computer at toll plaza through a separate
menu. The duration for which the computers were not available is also captured by the software.

5. Situation
The audit department Government has expressed concern on the adequacy of controls regarding
availability of bridge using the IT. Further, they have also expressed concern on the need to have
appropriate controls to ensure that there is no revenue leakage in the toll collection process.

6. Deliverables
You have identify significant control issues relating to security and controls covering all areas of toll
collection process and provide recommendations for mitigating control weaknesses.

A. Prepare list of risk scenarios covering failure of technology and other disruptions.
B. Identify the control weaknesses in the technology deployment with recommendations.
C. Provide detailed audit program how you will execute the assignment.

7. Format of Finding/Report
Please provide your report covering above areas in standard format using guidelines and best practices.

Private and Confidential (for use by participants of DISA 2 Course) Page 2