Security Considerations: IT Security & IT Audit for JAIIB

Customer Demands have sparked intense competition among banks and financial firms to apply information technology to their operations to provide innovative goods and services at lower prices. With increasing competition and threats banks are now seriously looking for Security Considerations like IT Security and Audit. It is very important for aspirants of the JAIIB exam to be aware of the Security Considerations: IT Security & IT Audit. There are two JAIIB exams each year. Security Considerations: IT Security & IT Audit will be discussed in this blog.

\https://www.oliveboard.in/jaiib-preparation/

Attempt a free JAIIB Mock test

Download the Security Considerations: IT Security & IT Audit Free E-book

download the security considerations: IT Security & IT Audit free e-book

How to Download Security Considerations: IT Security & IT Audit E-book for JAIIB?

Step 1: Click on the download link. You will be redirected to Oliveboard’s FREE E-Books Page.

Step 2: Create a free Oliveboard account or login using your existing Oliveboard account details

Step 3: Download the book by clicking on the link presented on the page.

Introduction

Security Considerations

Data and software: Data is a valuable resource that is required to keep a company running. Inaccurate data can also have major consequences on decision-making. The growing availability and usage of expert systems and the potential impact of erroneous data can cause havoc with a company’s operations.
Infrastructure: Banks must make significant investments to adopt technology-based tools and solutions. Computer and communication system functions require the same hardware components as software and data.
Peopleware: It refers to a group of people who are directly or indirectly responsible for the administration and operation of digital systems.

Types of Threats

Threats to computerised systems appear as the following:

Data and software errors and omissions
Unauthorised release of sensitive information
Abuse of computers and misappropriation of bank assets
Cybercrime

Malicious Damages: Malicious damage to computerised systems can be caused by dissatisfied workers who want to disrupt services or those with nefarious motives who want to use technology to commit fraud for financial gain.

Frauds
Interruptions in Services

Accidental Damages: Computers and communications systems have many uses in banking and other financial institutions. However, these systems are subject to harm caused by human error and natural disasters.

Human Error and Omissions
Unreliable systems
Environmental Hazards

Control Mechanism

Management of hazards linked with IT technologies necessitates the implementation of appropriate control mechanisms.

Physical Control: Physical control refers to applying security measures inside a defined structure to prevent unwanted access to sensitive information.

Internal Control: Internal control is a method used by a company’s board of directors, management, and other employees to offer reasonable confidence that information is accurate, reliable, and timely. Laws, rules, contracts, policies, and procedures must all be followed.

Accounting Control: Accounting control refers to how processes are set up inside a company to manage risk. The following are the accounting control objectives: To protect assets from being lost. To guarantee that financial statements accurately reflect a company’s financial performance, position, and cash flows.
Administrative Control: Administrative controls define the human security components. It includes all levels of an organisation’s people and defines which users have access to resources and information through training and awareness. It also includes plans for disaster preparedness and recovery.

Operational Control: Security measures largely implemented and performed by humans are known as operational controls (as opposed to systems). These safeguards are put in place to increase the security of a system (or group of systems).

Audit Trails: To examine and search for errors or anomalies, an Audit Trail should capture all material events that happen within the border subsystem. Audit Trail Controls try to preserve a chronological history of all events in a system. This record is required to respond to enquiries, meet legislative obligations, discover error implications, and permit system monitoring and adjustment. The following are two types of audit trails that you should include in each subsystem:
An accounting audit trail to keep track of occurrences within the company subsystem.
An Operations Audit Trail to keep track of attempted and completed operations. Each event in the subsystem consumes a certain amount of resources.

Checksum: IT experts use checksums to identify high-level problems in data transfers. A checksum is a value that indicates the number of bits in a transmission message. A checksum value can be assigned after performing a cryptographic hash function on each piece of data or file before transmission. Data Encryption: Data encryption is the process of converting plaintext (unencrypted) data into ciphertext (encrypted). Users can use an encryption key to access encrypted data and a decryption key to decode encrypted data.

Read More Here

Take a peek at the Security Considerations: IT Security & IT Audit Free E-book

Conclusion

This was all about Security Considerations: IT Security & IT Audit for JAIIB. Our goal is to provide candidates with information that will help them prepare for the JAIIB exam. Keep following Oliveboard for more updates. To stay updated, follow Oliveboard on Facebook and Telegram.

FAQs

Q. What is Phishing?

A. It refers to bank clients receiving unsolicited emails seeking their login, password, and other account information to access their account for whatever reason. When customers click the links to submit their information, they are routed to a false imitation of the genuine bank’s website, and they are unaware that fraud has happened.

Q. What are the threats to computerized systems?

A. Threats to computerized systems appear as the following:
– Data and software errors and omissions
– Unauthorized release of sensitive information
– Abuse of computers and misappropriation of bank assets
– Cybercrime

JAIIB Study Material Compilation

Principles And Practices Of Banking	Principles And Practices Of Banking \| Study Notes For JAIIB (oliveboard.in)
Reserve Bank of India	Reserve Bank of India: Organisation & Functions – Oliveboard
Types Of Shares And Their Issue	Types Of Shares And Their Issue- Types, Classification, Bonus Shares (oliveboard.in)
Understanding The Balance Sheet And Its Format	Understanding The Balance Sheets And It’s Format (oliveboard.in)
Accounting And Finance For Bankers	Accounting And Finance For Bankers \| Study Notes For JAIIB (oliveboard.in)
Assets & Liabilities	Assets & Liabilities – Meaning, Legal Requirements and more (oliveboard.in)
Public Sector Banks And Cooperative Banks	Public Sector Banks And Cooperative Banks \| JAIIB Study Notes (oliveboard.in)
Calculation of Interest and Annuities	Calculation of Interest and Annuities-Business Mathematics For JAIIB (oliveboard.in)
Calculation of YTM	Calculation of YTM(Yield to Maturity)-Basics of Business Mathematics (oliveboard.in)
Consumer Protection Act	Consumer Protection Act COPRA- Free Pdf Notes for JAIIB 2022 (oliveboard.in)
Risk and Basic Risk Management Framework	Risk and Basic Risk Management Framework JAIIB \| Oliveboard
Risks in Banking Business	Risk in Banking Business
Functions of Bank	Functions of Bank – Short Notes for JAIIB Exam \| Oliveboard
Payments and Collecting Cheques	Payment and Collection of Cheques and Other Negotiable Instruments for JAIIB I Oliveboard
Data Communication Network	Data Communication Network and EFT Systems for JAIIB I Oliveboard
Technology Upgradation and it’s impact	Role of Technology Upgradation and its impact on Banks JAIIB I Oliveboard
Security Considerations: IT Security & IT Audit	Security Considerations: IT Security & IT Audit for JAIIB I Oliveboard