
For SBI Capital Market

DRAFTBROKING
INTERNALPRIVET
JK
Oct, 2019
AUDIT REPORT
LIMITED–
CHENNAI REGION OFFICE
SYSTEM AUDIT REPORT
FOR OCTOBER-2018 TO SEPTEMBER-2019
FOR APRIL 21 TO SEPTEMBER 21

IT Audit | Risk Consulting


INFORMATION SYSTEM AUDIT

Critical: 00
Major: 00
Medium: 00
Minor / Improvement: 00

SETTING THE CONTEXT
Purpose and Objective of Audit:
• Determine whether the management control framework is effectively designed and operating as intended.
• Assess the degree to which the Department is in compliance with the applicable policies and standards.
• Check the effectiveness of controls in the system.
• Check the security controls in the system.

Audit Approach:
• Walkthroughs to understand the current process and get a feel for the internal control environment.
• Review of sample transactions and data analysis to validate process understanding.
• Identify risks inherent to the processes.
• Test the control checks of the system using dummy data.
• Test the effectiveness of existing controls and identify control / efficiency gaps for risk mitigation.
• Discuss and agree on recommendations to address control / efficiency gaps in addressing key risks.
• Adhered to the applicable standards and guidelines by ISACA and ICAI in execution of the audit.

Audit Team:
• Jitendra Thakur: Partner & QA Control
• Chirag Goyal: Director Overall Lead
• Nutan Menaria: Execution Lead & GRC Consultant
• Abhishek: Network Security Consultant
• Mridul: System Analyst

Audit Scope:
To verify system controls and capabilities in:
• Order Tracking
• Order Status
• Rejection of orders
• Communication of Trade Confirmation
• Client ID Verification
To check the Risk Management System:
• Online risk management capability
• Order alert and reports
• Back testing of effectiveness of RMS
• Log management
To verify password security:
• Organization access policy
• Authentication capability
• Password best practices
To check network integrity:
• Seamless connectivity
• Network architecture
• Firewall configuration

To verify access controls:
• Access to server rooms
• Additional access controls
To verify backup and recovery:
• Backup and recovery policy
• Log generation and data consistency
• System redundancy
To verify IT infrastructure management:
• IT Governance & Policy
• IT Infrastructure planning
• IT Infrastructure Availability Including SLA Parameters

Critical
Root Cause: Design Deficiency | System Deficiency | Operational Ineffectiveness | External
Observation | Implication | Management Comments
Recommended Action
Owner and Target Date

Major
Root Cause: Design Deficiency | System Deficiency | Operational Ineffectiveness | External
Observation | Implication | Management Comments
Recommended Action
Owner and Target Date

Medium
Root Cause: Design Deficiency | System Deficiency | Operational Ineffectiveness | External
Observation | Implication | Management Comments
Recommended Action
Owner and Target Date

Minor
Root Cause: Design Deficiency | System Deficiency | Operational Ineffectiveness | External
Observation | Implication | Management Comments
Recommended Action
Owner and Target Date

DISCLAIMER
• The procedures performed are limited in nature and extent to those that we have determined best to meet the function’s
requirements, based on information available with us.

• Since we have focused only on specific areas, which were identified and agreed with you in advance, our scope and procedures
may not disclose all issues and / or other significant matters about the department / company, or reveal all errors, irregularities
and frauds in the underlying information.

• The major objective of this Internal Audit review was to understand the key activities and controls in the processes designed and
established, review the design effectiveness of processes and controls, assess the operating effectiveness of controls and provide
recommendations for process and control improvement.

• The approach employed during this engagement does not constitute a comprehensive review of operations and is subject to the
level of bias in the method of sample selection.

• The issues identified & proposed action plans in this report are based on our discussions with the people engaged in the process,
review of relevant documents / records & our physical observation of the activities in the process.

• This document is solely for your information and is not to be used for any other purpose or distributed to any other party without
prior written consent of JCN.

• This report is based on exceptions observed.

Thank You
