ms - bank branch audit in cis environment

7/30/2019 MS - Bank Branch Audit in CIS Environment

1/79

1

Actually I have nothing to say, so my presentation

should last only two to three hours

CA. Mukesh

Saran,

M.Com.,FCA,DISA(ICAI)


2/79

An investment

in knowledgealways pays thebest interest.- Benjamin Franklin

There will be only one break during my presentation!Please pace your boredom accordingly


3/79

3

US Defence department has said it is forbidding Google from filming anddepicting in details its Military bases.

Govt connectivity with other universities across the globe. to upgradehospitals to Meet Medical Council of India norms by developing softwarewhich would enable better access to books on medicines.

Thinking of what to gift that special women in your life on International

Womens day? Forget Diamonds, give her a high-tech Gadget instead

---- So when we are living in aSo when we are living in a ComputerisedComputerised EnvironmentEnvironment

.... we have no option but to.. we have no option but to

carry out the audit in the samecarry out the audit in the same CompterisedCompterised EnvironmentEnvironment

Almost entire dubbing of the movie Racewas erased when a hard disk crashed atSound city. So our heroes Anil & Saif had toredo the complete sound recording again.

This is just what we could read fromThis is just what we could read from

scrolling through the papersscrolling through the papers ----------------


4/79

4

AGENDA

Developments in the BankingSector

Information System Audit V/sFinancial Annual Audit

Auditing in CIS Environment - AAS

29 Effect of CIS Environment on Audit

Potential Risk Areas in

Computerised Branches Risk Assessment & Internal Control

in CIS Environment

Practical Approach for EffectiveAudit of Computerised Branches


5/79

5

Developments in the Banking Sector

The IT saga in Indian Banking commenced from

the mid eighties of the twentieth century whenthe Reserve Bank took upon itself the task ofpromoting automation in banking to improve

customer service, book keeping, MIS andproductivity. This role played by the ReserveBank has continued over the years.

Introduction of MICR based cheque processing a first for the region, during the years 1986-88


6/79

6


Computerisation of branches of banks in the

late eighties with the introduction of ledgerposting machines (LPMs), advanced ledgerposting machines (ALPMs), which have paved

the way for installation of Core Bankingsolutions.

The setting up of the Institute for Development

and Research in Banking Technology (IDRBT),Hyderabad in the mid nineties, as a researchand technology centre for the Banking sector;


7/79

7


The commissioning in 1999, of the Indian

Financial Network as a Closed User Group. Thenetwork supports applications having featuressuch as Public Key Infrastructure (PKI) whichinternational networks such as S.W.I.F.T. arenow planning to implement ;

Commencement of Certification Authority (CA)functions of the IDRBT for ensuring thatelectronic banking transactions get the requisitelegal protection under the InformationTechnology Act, 2000;


8/79

8


Ensuring Information Systems Audit (IS Audit) in

the banks for which detailed guidelines relatingto IS Audit were formulated and circulated;

Enabling IT based delivery channels which

enhance customer service at banks, in areassuch as cash delivery through sharedAutomated Teller Machines (ATMs), card based

transaction settlements,

NEFT, RTGS, etc.;


9/79

9


BRANCH

COMPUTERISATIONMANUAL

BANKINGCBS BRANCH BANKING, ATM,INTERNET BANKING ETC.


10/79

10

Information System Audit

v/s Financial AuditFINANCIAL AUDIT

Audit Opinion onFinancial Statement

Postmortem Exercise

Financial Accuracy

Financial Audit is neverPart of IS Audit.

I S AUDIT

Verification of System Control& Security

Ongoing & Forward lookingExercise

System Accuracy Output Analyser, Firewall,

Vulnerability assessment tool

CAAT available - ACL, IDEA,Excel

IS Audit to some extent Part

of Financial Audit


11/79

11

Auditing in Computerised Information

System (CIS) Environment - AAS 29 Mandatory Nature of AAS

Effect of CIS Environment on Audit Sufficient knowledge (Skill & Competence) CIS

System

Plan Supervise Control - Review

AAS - 9 Using work of an Expert

AAS - 6 Risk Assessment and Internal Control


12/79

12

Satisfaction about:

Adequate Procedure exist to ensure datatransmitted (entered) is correct and complete.

Cross verification of records

Reconciliation statements and control systembetween Primary & Subsidiary Ledger

Accuracy of computer compiled records are not

assumed.

AAS 29contd.


13/79

13

Documentation

Audit Plan

Nature, timing and extent of Audit Procedureperformed

Conclusion drawn from evidences

Electronic audit evidences also needs to beadequately and safely stored.

Electronic evidences should be retrievable in its

entirety as and when required.

AAS 29contd.


14/79

14

Processing is Concentrated

Audit Trails may be Undermined Human Judgment is bypassed

Data are stored in Device-Oriented rather than Human-

Oriented forms Invisible Data

Stored data are Erasable

Data are stored in a Compressed form

Stored data are relatively accessible

Computer Equipment is Powerful but Complex andVulnerable

Effect of CIS Environment on Audit


15/79

15


Parameter Old Way New Way

Records Manual Computerised

Time to modify More Instantaneous

Audit Trail Exists and is Verifiable May or may not exist

Data Manipulation Difficult Very Easy

Evidence Can be collectedDifficult also fragile innature

Physical boundaries Were identifiable No limit

ExpertiseCommon DetectionTechniques

Additional technicalknowledge MUST


16/79

16

Evaluate the Following Factors

Extent to which the CIS Environment is used to Record Compile Analyse Accounting Info.

Internal Control in existence with regard to

Authorised, Correct and complete data (Input) Processing of data

Analysis & Reporting (Output)

Impact on Audit Trail of Transaction



17/79

17

Typical Set-up of TBA Branches


18/79

18

Typical Set-up of CBS Branches


19/79

19

Risk involved in CIS Environment


20/79

20


Branch Cmputerised

Auditor Computer expert

Branch Manual Auditor May or may

not be computer expert

Branch Computerised

Auditor not acomputer expert


21/79

21


Lack of Transaction Trails e.g. Evidence of applicationof interest on deposit & advances System Generated

Entries Uniform Processing of Transactions- i.e. If Error occurs it

applies to all transaction

Lack of segregation of incompatible functions i.e.Same person makes-checks, Same person deals withcustomer & create the Account masters/ parameters


22/79

22


Potential for Errors & Irregularities-

Due to invisibility of data.

No visible evidence for unauthorised access/alter todata (ledger written with pencils)

Errors in System Handled transaction No human

intervention/observation hence remains undetectedErrors in Designing or modification of Programs can

remain undetected.


23/79

23


Manual Controls in such system are dependent upon theComputer Generated Report. Any Error in Report will

affect even the manual control. CIS related Fraud

Unauthorised use to modify, copy or use the data

Internet fraudSystem Fraud


24/79

24

Risk Assessment & Internal Control

Exceptional Transaction Report is reviewed and verifiedby the respective department

Review that Alteration in System Parameters,Application Parameters by authorised person only.

Access to computer rooms is restricted to authorised

persons only Whether user logs out of terminal when leaving the

terminal / not on seat

General Maintenance of Computer hardware isreasonable

Whether daily, monthly, yearly , onsite , offsite backup istaken as per HO instruction


25/79

25

How to conduct Audit effectively

in CIS Environment

Practical Approach(indicative and not exhaustive)


26/79

26

CBS Software

Software Name Developed /Maintained by

Banks in whichImplemented

FINACLE INFOSYS PNB, OBC, ICICI etc.

FLEX-CUBE IFLEX Kotak Mahindra Bank,YES Bank etc.

B@NKS24 TCS SBI Group

PROFILE SANCHEZ ING Vysya Bank

Laser Panacea Laser Soft Corporation Bank


27/79

27

Primary Steps of Audit in CIS Environment

Interview the System Executive

Ascertain whether the branch has migrated toCBS during the current year if yes checkmigration controls

To ascertain an overview of the systemincluding hardware and networkingconfigurations

Ascertain the nature and extent of ITinfrastructure, Policies and CIS controls


28/79

28

Whether officials, other than those of the branch,have authority to record transactions in it.

If so, what are the Branch Managersauthorities?

If so, when does the Branch become aware ofsuch transactions? Immediately /At predefined Intervals/End of Day

(EOD) /Start of Next Day (SOD)



29/79

29

How are the EOD/SOD processes managed?

Are communications problems faced whichdelay EOD/SOD processes?

What is the business impact of these

delays/discontinuity? What are offline periods?

How are the transactions in this period uploaded

onto the central server?



30/79

30


Ascertain

Whether the system is designed to automatically passentries for Income Recognition Norms?

Whether RBI norms of provisioning are incorporated

into the system, including the current amendments?Whether interest rate changes are incorporated

correctly?

Normal reply system is developed centrally at HOand branch has no control over it.


31/79

31


Ascertain

About access control levels and the system toensure adherence to defined controls.

About SEs role in ensuring such adherence.

About the modality of year-end process & howbalances are carried forward

About this replies to the LFAR questions.


32/79

32


Ascertain Management Practices

Are adequate summary-level reports available tomanagement to allow monitoring of:

Transactions volume?

System problem logs?

Exceptions?

Unreconciled transaction?Other customer or operational issues?


33/79

33


Take oral and written assurance that:-

System is implemented as designedNo modifications are made to the system.

All problems faced during implementation andpost implementation are resolved

Problems faced have not affected the

confidentiality, integrity and availability of thedata.


34/79

34


Conclusions of DiscussionsDocument findings and conclusions.Assess whether control mechanisms

explained and demonstrated are adequate. Ifthey are not adequate then:

Traditional audit will have to be performed Due to the criticality of the data and reliance which

is placed on the system, the Audit Report or LFARwould need to be suitably qualified.

The conclusion should be based on the auditprocesses to be carried out by the auditor andnot only on the discussions.


35/79

35

Review of Application Controls

Password Management and history

Unsuccessful log-on attempts Access Logs and reviews

Virus detection and protection

Inactive user-ids


36/79

36

Review of Physical Controls

Server Room (TBA,PBA) Router/Modem (CBS)

Whether entry is Restricted and where it islocated

Key should be with the manager


37/79

37

Review of Environmental Controls

Air Conditioner

Check the AMC Water seepage

Check the building condition

Fire Extinguisher

Date of refilling and expiry

Smoke Heat Detectors

Check the AMC


38/79

38

Review of Logical Controls

User id creation,

Entered in register duly signed by user User id deletion

Entered in register and signed by manager

User id of transferred staffDeleted and entered in register and cross

check it with attendance

User id and powers

Match it with office order


39/79

39


Vendor id-created or not

Cross verify with vendor register User ID for Master

When Branch is converted to verify fromregister

DBA having financial powers

Two user id should be given


40/79

40


PASSWORDS Check wheather users is required to change their

passwords periodically. Ideally it should be inbuilt within the software so no

need of checking, and it should not accept previouslyused password

Sharing of password.Declaration to be takenCross Verifying with attendance register and Access

Log Important passwords like DBA, Branch Managers arekept in sealed cover with Branch Manager Check by Physical Verification


41/79

41

Review of Output Controls

Hard Copy Print OutNormally Ignored

Screen Saver/Automatic Log Off Reports are signed

Normally Ignored


42/79

42

Review of Back up

Most Important Issue Qualification A simple activity ignored

Area CBS TBA PBA What to Check

Training Y Y Y Interview

Back Up N.A. Y Y Back up Register

Location N.A. Offsite Offsite Locker with banks

Back Up Tested N.A.. Y Y ????


43/79

43

Operations

Read Only Access

Ask for an access to view data ofbranch

If access can not be given, then the fact

should be documented and reported inthe Audit Report / LFAR.

Use assistance of the SE to run any

query on a situation If the SE is not able to provide assistance

then decide whether mention is required inthe Audit Report/LFAR


44/79

44

Operations

Activity and Transaction LogsLogs-Time, activity, user idClock Synchronisation

Operating System LogsFirewall logsApplication System logs

SQL LogsATM Terminal access ID and Log

Peruse transaction logs of heavy days(mostly, afterconsecutive bank holidays) and ascertain whether there were

any noticeable errorsReview Exception Transaction ReportBased on the review Auditor can decide on the areas

which need greater verification.Discuss the action taken on the events noted as

exceptional.


45/79

45

Operations

Exception ReportDebit /Credit balance change

Maturity record deleted

Inactive accounts reactivated

Excess allowed over limit

Debits to Income head accounts

Overdue bills and bills returned

Withdrawal against clearings

Deposits accounts debit balance

Temp O/D beyond sanction limit

Standing instruction failed in day


46/79

46

Operations

Income

Obtain interest rates keyed into system andmatch with rates prescribed by Management

Obtain log of interest rate changes and match

with changes prescribed by ManagementEnsure that interest rate changes are duly

authorised.

Test-check few calculations.Obtain cases of interest defaults and ensure

that reversals have been properly accounted.


47/79

47

Operations

Advances

Master FileChecking of the Parameters

Interest Rate

Drawing PowerPenal Interest

Standing Instructions

Stock Statement submission (some software)

Who Creates and who is authorised (done by sample)


48/79

48

Operations

Fresh Advances

Trace the data entry of sanctioned loan parametersand conditions into the system.

Ensure that rate of interest and due date of interestare properly entered. Test a few transactions.

Review Control over Documentation through thesystem.

Inquire whether the system prompts for actionsufficiently before renewal date. Test a fewtransactions.


49/79

49

Operations

Identification of Potential NPAsAudit list of customers /accounts with

high deposits within last week/ fortnight

Audit list of accounts with one due-datedefault and deposits within last

week/fortnight.Audit list of accounts with deposits

within last week /fortnight andwithdrawals in first week of April.

Trace whether these deposits are fromfacilities given at other branches.

This is possible if access is available to

the data of other branches.


50/79

50

Operations

ProvisioningObtain report of cases of defaults of principal and

ensure that accounting entries are passed forprovisioning.

Obtain exception reports to satisfy that no NPAs are

missed / omitted by the Branch.Obtain list of cases of

Re-rolling of advances

Sanctioning of advances in branches Utilising packing credit advances to clear border level NPAterm loans and other advances through current accounts/overdrafts/ cash credit accounts.


51/79

51

Operations

NPA Analysis

Issues Is the classification correct Is the calculation correct

Is the provisioning correct Is the revenue charged on such accounts

How do we check

Going through each account or sample Applying Various criteria of classification

Relying on information provided by Branch


52/79

52

Operations

NPA Analysis

How Computerisation can help If it is in built in the software at the master level

which is difficult

So what should we do to save time

Import the files in excel ( PBA,TBA)

Convert the files in required format (Delimit)Apply Vlook up to match data

Apply Filter, Sort, Mathematical Functions


53/79

53

Operations

Frauds

Obtain list of frauds that have taken place atbranches.

Many frauds occur in new technology areas

ATM

Net Banking

Credit Card

Cash Management


54/79

54

Operations

Control over Impersonal/ Office Accounts

Accounts which are open by the bank for theirown operational purposes and are of impersonalnature.

For instance:Sundry credit accountsSundry deposit accounts

SuspenseH.O. Account

Check whether these transactions are scrutinised by thebranch for correctness and for prompt adjustment.


55/79

55

Operations

Office Accounts

Review Suspense / Sundry/ Inter BranchAccounts.

Scrutinise list of Outstanding Entries

Many of the new products offered on the basis ofTechnology are dependent on the controls inthese Office Accounts.


56/79

56

Operations

ATM Transactions

Whether ATM cash has been verifiedperiodically.

Whether ATM transactions are

reconciled periodically. Whether adequate control over

physical inventories of ATM cardshas been exercised.


57/79

57

Operations

Whether all accounts (Opening & Closing) are duly authorised. Whether all the GL accounts codes authorised by H.O. and

are in existence in the system? Whether Beginning of the Day and End of the Day registermaintained? Whether Time is properly entered and time anddate are normal and during office hours only?

Whether the Account Master and balance cannot be modified/amended /altered except by the authorised personnel? Whether the records of errors arising during daily operations

are reported? And how they are rectified?

Whether dummy accounts created using master creation stillexist in the Branch A sample verification of SDRs / FDRs should be carried out to

ascertain whether lien is marked on such deposit receipts inthe system.


58/79

58

Operations

Dont Miss this!!!

Have the figures, as at the year-end,in the control and subsidiaryrecords been reconciled?

Balance reports e.g. GLConsistency report should beverified for balancing of books. And

for those heads, which are not madelive, balancing should still be verifiedwith the help of balance books.


59/79

59

Miscellaneous Issues

RegistersUser id register

Floppy register

Checksum register

Software problem register

Machine breakdown

Asset register containing details of hardware

Manuals, guidelines

Media stock movement register

Hardware /software Register

Parameter updation register


60/79

60


Insurance

Must be fully insured against all potential risks

Normally done at RO / ZO

AMC

AMC should be in force with contact no. of serviceprovider.


Anti VirusLicensed and updated version installed in all PCs



61/79

61


Internet

PC having internet connection should be

separate from those used for banking

operations.

Vendor

Vendors contact number should be available and heshould pay visits as agreed.

Vendors support should be ensured by Branch / RO /

ZO.


62/79

62


Other Programmes

No extraneous software, games software, freeware

should be loaded on PCs

This responsibility has to be shouldered by BranchIncumbent.

Floppy / CD / USB and other Removable MediaThey should be disabled in all PCs except those used

for backups or that of Manager.

Here too, the Manager should ensure this.


63/79

63


If there is a system break-down, has the branch madestandby arrangements?

If there is a software bug which results in wrongcalculation of interest charges or service charges ? If so,is that program deactivated and manual processing is

taking place to ensure adherence to rules. If a crucial report such as GL Tally report is not getting

generated by the system, is the branch checking for data

consistency by tallying total of account level balance listwith respective account heads either manually or throughuse of SQL ?


64/79

64

Audit Conclusions

Document all

findings

Take adequate

oral & written

representations Discuss

findings Submit report


65/79

65

Last but not the least

The procedure listed herebefore is not exhaustive but issuggestive. Stress has been

given to those procedure,which has some connection

with computerised accounting/ CBS environment. Otherprocedures are generally

same under CIS and Non CIS / Manual environment

and hence not listed.


66/79

66

Appreciation is a

wonderful thing; itmakes what is

excellent in others

belong to us as

well - Voltaire

Any Questions?

IDRBT


67/79

67

IDRBThttp://www.idrbt.ac.in/

In the year 1994, the Reserve Bank of India formed acommittee on "Technology Upgradation in the PaymentSystems". The committee recommended a variety ofpayment applications which can be implemented withappropriate technology upgradation and development of areliable communication network.

The committee also suggested setting up of an InformationTechnology Institute for the purpose of Research andDevelopment as well as Consultancy in the application oftechnology to the Banking and Financial sector of the

country. As recommended by the Committee, the Institutefor Development & Research in Banking Technology[IDRBT] was established by the Reserve Bank of India in1996 as an Autonomous Centre for Development andResearch in Banking Technology.

Back to Slide 6

SWIFT


68/79

68

SWIFT

http://www.swift.com/SWIFT is the Society for Worldwide Interbank FinancialTelecommunication, a member-owned cooperative

through which the financial world conducts itsbusiness operations with speed, certainty andconfidence. More than 9,000 banking organisations,securities institutions and corporate customers in 209countries trust us every day to exchange millions ofstandardised financial messages.

Back to Slide 7


69/79

69

RTGS

The acronym 'RTGS' stands for Real Time GrossSettlement, which can be defined as the continuous

(real-time) settlement of funds transfers individually onan order by order basis (without netting). 'Real Time'means the processing of instructions at the time theyare received rather than at some later time. 'GrossSettlement' means the settlement of funds transferinstructions occurs individually (on an instruction byinstruction basis). Considering that the fundssettlement takes place in the books of the ReserveBank of India, the payments are final and irrevocable.

Back to Slide 8


70/79

70

NDS

http://www.investopedia.com/terms/n/negotiated_dealing_system.asp#axzz1dDhPsm25Negotiated Dealing System NDS

An electronic trading platform, operated by theReserve Bank of India, used to facilitate the exchangeof government securities and other money marketinstruments. The negotiated dealing system will alsobe responsible for hosting new issues of governmentsecurities.

Back to Slide 6


71/79

71

CFMS

http://rbidocs.rbi.org.in/rdocs/Content/PDFs/70124.pdf

The Centralised Funds Management System (CFMS), is asystem set up, operated and maintained by the ReserveBank of India (hereinafter referred to as the Bank) toenable operations on current accounts maintained atvarious offices of the Bank, through standard message

formats in a secure manner.The CFMS comprises two components the CentralisedFunds Enquiry System (CFES) and Centralised FundsTransfer System (CFTS). These have been made available

through the following subsystems:- the Apex Level Server (ALS),- the Local Funds Management System (LFMS),- the Bank Level Funds Management System (BLFMS), and,

- the Local Banks Funds Management System (LBFMS).

Back to Slide 6
http://rbidocs.rbi.org.in/rdocs/Content/PDFs/70124.pdfhttp://rbidocs.rbi.org.in/rdocs/Content/PDFs/70124.pdf


72/79

72

NSS

http://nationalsettlementsolutionsllc.com/

National Settlement Solutions - Welcome to NationalSettlement Solutions (NSS), a national title insuranceand title services company. From title insurance andescrow services to home loan settlements and

refinancing, National Settlement Solutions combinesthe latest online technology with unparalleledpersonalized customer service to ensure successful,efficient transactions.

Back to Slide 6
http://nationalsettlementsolutionsllc.com/http://nationalsettlementsolutionsllc.com/


73/79

73

SFMS

http://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdfStructured Financial Messaging System (SFMS) is a secure

messaging standard developed to serve as a platform for intra-bank and inter-bank applications. It is an indian standard similarto SWIFT (Society for World-wide Interbank FinancialTelecommunications) which is the international messagingsystem used for financial messaging globally. SFMS can be usedpractically for all purposes of secure communication within thebank and between banks. The SFMS was launched on December14, 2001 at IDRBT. SFMS has a number of special features and it isa modularized and web enabled software, with a flexiblearchitecture facilitating centralized or distributed deployment. Theaccess control is through Smart Card based user access andmessages are secured by means of standard encryption andauthentication services conforming to ISO standards. RBIapplications like Real Time Gross Settlement (RTGS), NegotiatedDealing System (NDS), Security Settlement System (SSS) andIntegrated Accounting System (IAS) have interface with SFMS andRTGS uses SFMS for messaging.

Back to Slide 6

CMS
http://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdfhttp://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdfhttp://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdfhttp://www.mpf.org.in/pdf/Basics%20of%20SFMS%20Standards.pdf


74/79

74

CMShttp://www.unionbankofindia.co.in/cms_corporate_bank.aspxCash Management Services (banking)

CMS is a product under which collection and payments areeffected at a high speed.

Customers can have their cheques/instruments collected

from several up country centers and pool funds at a singlepoint.

Customers can also use CMS to make payments at variouslocations all over the country.

How CMS Works Collection of cheques from customers/dealers place by

Banks courier or deposit of cheques by customersrepresentative at our CMS centres.

CMS centres transmit information of instruments depositedto CMS Central Hub via WAN.

Central Hub collates the information received from CMScentres and sends out payment advices as per agreedterms.

The CMS Central Hub also generates customized MIS inrespect of collections and payments and transmits the sameelectronically every day. Back to Slide 6
http://www.unionbankofindia.co.in/cms_corporate_bank.aspxhttp://www.unionbankofindia.co.in/cms_corporate_bank.aspx


75/79

75

NEFT

http://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPK

National Electronic Funds Transfer (NEFT) system is anation wide funds transfer system to facilitate transferof funds from any bank branch to any other bank

branch.

Back to Slide 8

How RTGS is different from National
http://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPKhttp://taxguru.in/finance/meaning-of-national-electronic-funds-transfer-neft-system-and-how-does-the-neft-system-operate.html#axzz1dDmCrZPK


76/79

76

How RTGS is different from National

Electronics Funds Transfer System (NEFT)?NEFT is an electronic fund transfer system thatoperates on a Deferred Net Settlement (DNS) basis

which settles transactions in batches. In DNS, thesettlement takes place with all transactions received tillthe particular cut-off time. These transactions arenetted (payable and receivables) in NEFT whereas inRTGS the transactions are settled individually. Forexample, currently, NEFT operates in hourly batches -there are eleven settlements from 9 am to 7 pm onweek days and five settlements from 9 am to 1 pm onSaturdays. Any transaction initiated after a designatedsettlement time would have to wait till the nextdesignated settlement time Contrary to this, in theRTGS transactions are processed continuouslythroughout the RTGS business hours.

Back to Slide 6

Auditing and Assurance Standard


77/79

77

Auditing and Assurance Standard

(AAS) 29Auditing and Assurance Standard (AAS) 29, "Auditing in aComputer Information Systems Environment" issued by theCouncil of the Institute of Chartered Accountants of India1. This

Standard should be read in conjunction with the "Preface to theStatements on Standard Auditing Practices" issued by theInstitute

The purpose of this Auditing and Assurance Standard(AAS) is to establish standards on procedures to befollowed when an audit is conducted in a computerinformation systems (CIS) environment. For the purposes

of this AAS, a CIS environment exists when one or morecomputer(s) of any type or size is (are) involved in theprocessing of financial information, including quantitativedata, of significance to the audit, whether those computers

are operated by the entity or by a third party.Back to Slide 4

CA


78/79

78

CA

http://cca.gov.in/rw/pages/index.en.do

Controller Of Certifying Authorities - TheInformation Technology Act, 2000 was

enacted by the Indian Parliament in June,2000. It was notified for implementationin October, 2000 with the issuance of

Rules under the Act. The purpose of theAct is to promote the use of digitalsignatures for the growth of E-Commerce

and E-Governance. Back to Slide 7

IDEA
http://cca.gov.in/rw/pages/index.en.dohttp://cca.gov.in/rw/pages/index.en.do


79/79

IDEA

www.CaseWare-IDEA.com

IDEA (originally an acronym for Interactive Data Extractionand Analysis) provides auditors, accountants, and systemsand financial professionals with the ability to read, display,analyze, manipulate, sample, or extract data from data files

from almost any source - mainframe to personal computers,including reports printed to a file. IDEA extends your reachby providing unique functions and features not found ingeneric software.

IDEA combines considerable power of analysis with anextremely user-friendly Windows environment. This versatiletool is useful for any type of file interrogation and offersusers the benefits of the following and other functionality
http://www.caseware-idea.com/http://www.caseware-idea.com/

ms - bank branch audit in cis environment

Documents