Professional Documents
Culture Documents
Sample Performa Checklist of Is Audit
Sample Performa Checklist of Is Audit
ANNEXURE I
grounded?
6. Is the power 3
supply to all the
computer related
equipment
through UPS ?
7. Whether 3
provisions for
switching over to
stabilizer/standby
UPS in case of
UPS break down
is available?
8. Is onlyan 3
extension board
used & not a
multipoint plug ?
Total 24
II.B.II: MISCELLANEOUS
S. Particulars Breaches/Risk(s) (Low Risk-High marks and High Risk Low
No. Marks)
Risk Category No Low Medium High Max Marks Remarks
Breach Score Scored
1. Whether 3
sufficient no. of
Carbon Dioxide
gas type fire-
extinguishers are
provided?
2. Is everyone 3
aware of what
type of fire
extinguishers are
to be used on
computer
hardware
equipment in
case of fire?
3. Are these being 3
serviced and
tested
periodically?
4. Whether 3
smoke/heat/water
alarms are
provided?
5. Whether 3
suitable
INFORMATION SYSTEM (IS) AUDIT FOR CBS BRANCHES
communication
media (Intercom
etc. ) are
provided for
communication
with the other
staff members ?
6. Is the insurance 3
separate for the
machines and
not part of the
general fixed
assets insurance?
7. Is there a vacuum 3
cleaner?
If yes, is it in
working
condition?
If yes, is it being
used?
8. Whether the 3
machines are
dusted
everyday ?
9. Whether 3
smoking,
drinking and
eating inside the
branch premises
is prohibited
by putting
appropriate
signs ?
10. Is pest control 3
being
implemented?
Total 30
been complied
with ?
2. Whether 3
Hardware/
Software register
as per prescribed
format has been
maintained ?
3. Is maintenance 3
and servicing of
systems
supervised?
4. Whether 3
Hardware items
are numbered as
per fixed assets
register ?
Comments for
difference, if any.
5. Whether any 3
hardware item
purchased /
delivered at the
branch/ office
during the
current financial
year has been got
insured in terms
of HO Accounts
Department
guidelines.
Total 15
has proper
ventilation?
4. Are the 3
batteries of the
UPS kept outside
the cabin ?
5. Is Standby UPS 3
provided?
6. Whether the UPS 3
(if provided) is
used only for the
system and no
other power
consuming
equipment is
connected to it ?
Total 18
preventive
maintenance are
recorded?
Total 18
password at the
time of entering
the system?
6. Whether audit 3
trail is printed
and it contained
all operations
input to the
computer?
7. Whether deletion 6
or modification
of transaction is
permitted? if so,
whether a report
can be
generated? if
not, transaction
correction is
done by voucher
posting which is
authorized in
writing.
8. Whether interest 3
rates are stored
in each account
record?
9. Are interest 9
calculation
correctly done?
10. Whether interest 3
postings are
prompted by the
system on
predetermined
dates?
11. While opening an 3
account, is the
number generated
by the system?
12. Whether 6
threshold limit
entered for
SB/CA accounts?
13. Do exception 3
reports contain
large withdrawals
of deposits in
case of new
accounts during
the first six
INFORMATION SYSTEM (IS) AUDIT FOR CBS BRANCHES
accounts
subjected to dual
control out of
which one is of
supervisory
category?
3. Is there any list 3
of internal and
external
personnel
authorized to
access
computer
resources
available with the
branch?
4. Is automatic 3
screen blanking
and log out/
terminal lock
after a certain
period of
inactivity exists?
5. Whether Users 3
are changing the
passwords
periodically?
6. Whether a 3
register of
passwords
changes is
maintained?
7. Are the floppies / 3
tapes / pen-drives
being kept under
lock& Key.?
8. Whether 3
Exception
Statement is
being seen and
signed by the
Branch In-
charge?
9. Is the "END OF 3
REPORT" being
printed at the
end of each
report?
10. Whether total 3
no. of pages in
INFORMATION SYSTEM (IS) AUDIT FOR CBS BRANCHES
a particular
report (e.g. page
2 of 5 printed
on each leave of
the report?
11. Whether Cheque 3
Books issued are
recorded on
system daily?
12. Whether vendor's 9
representative is
allowed access to
the system only
in the presence of
a responsible
officer?
13. Whether vendor's 3
representative /
EDP Officer is
asked to record
the purpose of his
visit to the
branch in the
complaint / Visit
Register and
asked to give
details of his
visit ?
14. Are primary and 3
emergency
telephone
numbers and
addresses for
each key
personnel
available ?
15. Are telephone 3
numbers and
addresses of
hardware &
software vendor
available?
Total 51
II E NETWORK MANAGEMENT
II E.I. DATA CABLES & NETWORKING PRODUCTS
S. Particulars Breaches/Risk(s) (Low Risk-High marks and High Risk Low
No. Marks)
INFORMATION SYSTEM (IS) AUDIT FOR CBS BRANCHES
24x7?
7. Whether Data 3
cables are visible
in the open?
8. Are Electric & 3
data cables
crossing each
other?
9. Data and Electric 3
Cable diagram/
map is available
in the branch &
kept in a secured
place
10. Whether sharing 3
is disabled in all
the PCs?
11. Whether i-link is 3
installed on all
the workstations?
II.E.II RTGS / NEFT / SFMS / E-FUND
1. Whether the Yes - -
branch is enabled
for RTGS /
NEFT / SFMS?
YES /NO
2. Name of the - -
officers who have
been authorized
to operate
RTGS?
3. Name of the No branch official has been allotted - -
officers who have Digital Signature.
been allotted
Digital
Signatures
4. Is RTGS/NEFT 3
suspense a/c is
reconciled up to
date?
5. Is the branch 3
sending
certificate to the
affect that no
entry older than 7
days is
outstanding in
RTGS/NEFT
suspense a/c to
ZO on quarterly
INFORMATION SYSTEM (IS) AUDIT FOR CBS BRANCHES
basis?
II.E.III INTERNET / WEBMAIL:
1. Whether the Yes - -
branch has
installed
broadband
internet
connection?
Yes/No
2. Whether the 3
internet
connection is on
a stand-alone PC
and is not a part
of the LAN /
WAN?
3. Whether any 3
officer in the
branch has been
authorized by the
branch in charge
to operate
webmail and
Internet?
the period of
audit? If yes, give
details
3. Any incident 9
involving
unauthorized
disclosure of
sensitive
information by
the staff reported
during the period
of audit? If yes,
give details
4. Any incident 9
resulting in denial
of service to the
customers
reported during
the period of
audit? If yes, give
details
5. Any incident 9
involving theft of
IT resources
reported during
the period of
audit? If yes, give
details
6. Any incident 9
resulting in
financial or
reputational loss
to the bank
reported during
the period of
audit? If yes, give
details
7. Any violation 9
having legal /
regulatory
implications
reported during
the period of
audit? If yes, give
details
8. Are all the 3
incidents
escalated to
higher
authorities?
INFORMATION SYSTEM (IS) AUDIT FOR CBS BRANCHES
Total 60
II.G ATM
S. Particulars Breaches/Risk(s) (Low Risk-High marks and High Risk Low
No. Marks)
Risk Category No Low Medium High Max Marks Remarks
Breach Score Scored
1. Whether 3
Security Guard
has all the
Contact Nos. of
Branch
Manager/other
officials in case
of any
eventuality/
emergency.
2. Whether Access 3
lock is installed
and operational
so that the Glass
door fixed on
ATM entrance
opens only on
swapping of
ATM card.
3. Whether in case 3
of branch is
already having a
CCTV(Close
Circuit
TeleVision)
system installed,
the circuit is
extended to ATM
enclosure by
fixing one
camera for the
better security
control,
4. Whether all 3
Private Security
Guards posted at
ATM guarding
duty by the
Agency have got
their Credentials
verified by Civil
Police. Please see
INFORMATION SYSTEM (IS) AUDIT FOR CBS BRANCHES
agreement
5. Whether the 3
agreement/
Period of Contact
with Security
Agency is in
force
6. Whether ATM 3
Cards are being
issued to the
Saving Bank
account holders
and Current
Account Holder
(without OD/CC
Limit) with prior
intimation to
customers and
after getting their
consent.
7. Whether 3
signature of the
Card holder is
obtained on the
Card Issuing
Register and
same is verified
by officials
before Handing
Over the Card /
PIN to Customer
8. Whether 3
Application
Forms for Cards
are properly
filled-up &
signed by the
applicant and
verified by
Authorized
Officer
9. Whether a 3
register is being
maintained at the
branch to note all
activities related
to Card Issuance/
Surrender/ Hot-
Listing/ Lost-
Card etc.
INFORMATION SYSTEM (IS) AUDIT FOR CBS BRANCHES
Note:-No breach: 100% marks, Low: 80% marks,Medium: 50% marks &High: 0 marks