This checklist is from the SCORE Checklist Project. This checklist should be used to audit a firewall. This checklist does not provide vendor specific security considerations but rather attempts to provide a generic listing of security considerations to be used when auditing a firewall.

(more…)

Based on technical assistance to central banks by the IMF’s Monetary and Capital Markets Department and Information Technology Department, this paper examines fintech and the related area of cybersecurity from the perspective of central bank risk management. The paper draws on findings from the IMF Article IV Database, selected FSAP and country cases, and gives examples of central bank risks related to fintech and cybersecurity.

The paper highlights that fintech- and cybersecurity-related risks for central banks should be addressed by operationalizing sound internal risk management by establishing and strengthening an integrated risk management approach throughout the organization, including a dedicated risk management unit, ongoing sensitizing and training of Board members and staff, clear reporting lines, assessing cyber resilience and security posture, and tying risk management into strategic planning.. Given the fast-evolving nature of such risks, central banks could make use of timely and regular inputs from external experts.

Click to download

As we all are aware about that the season of Statutory Bank Audits is on its verge. It’s the time when
professionals are getting the straps of their boots ready to have a crisp walk. I thought it desirable to
pen down a few things, which are basic and my experience of Bank Audits and having worked in
banking industry post qualification and experiences with two of the big banks (StanC and Axis Bank)
and having done the Statutory Bank Audits of PSU Banks.

(more…)

The digital transformation of the global economy has hardly been slow in the past 20 years. The first mobile phone arrived in
1989. The world wide web is 30 years old and has been broadly accessible for the past 25, while the mobile internet, just 15
years of age, is approaching full global penetration. E-commerce has rapidly expanded, and digital payments platforms leading to
a broader set of digitally-enabled financial services have seen double digit growth, especially in China.

Looking at technological enablement across sectors and regions, the gating factor with respect to growth typically is not just
the state of the technology itself, but rather the speed with which individuals, organizations, and complex systems are willing
or able to change. This resistance to change is sometimes referred to as inertia, by analogy with the physics we all learned in
high school, where to put a body with some mass in motion or to change its speed or direction requires the application of
some force.

Click to download

Defining and communicating your Board’s Information Risk Regime is central to your organisation’s overall cyber security strategy. The National Cyber Security Centre recommends you review this regime – together with the nine associated security areas described below, in order to protect your business against the majority of cyber attacks.

(more…)