CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP,...
-
date post
18-Dec-2015 -
Category
Documents
-
view
227 -
download
1
Transcript of CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP,...
![Page 1: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/1.jpg)
CAIIB- General Bank Management -Technology Management –
MODULE C
Madhav PrabhuM. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL
![Page 2: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/2.jpg)
Agenda
• Information Systems and Technology
• IT Applications and Banking
• Networking Systems
• Information System Security and Audit
![Page 3: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/3.jpg)
Information Systems and Technology
• System terminology
• MIS and its characteristics
• Data warehouse
![Page 4: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/4.jpg)
System Terminology
• Systems Development Life Cycle– Planning and analysis – defines needed
information etc– Design - data structures, software
architecture, interface– Implementation - Source code, database,
documentation, testing and validation etc.– Operations and maintenance - ongoing
![Page 5: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/5.jpg)
SDLC
• A framework to describe the activities performed at each stage of a software development project.
![Page 6: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/6.jpg)
Various SDLC Models
• Waterfall Model when– Requirements are very well known– Product definition is stable– Technology is understood– New version of an existing product– Porting an existing product to a new platform.
![Page 7: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/7.jpg)
Various SDLC Models
• V-Shaped SDLC Model when– A variant of the Waterfall that emphasizes the
verification and validation of the product.– Testing of the product is planned in parallel with a
corresponding phase of development• Excellent choice for systems requiring high
reliability – tight data control applications – patient information etc.
• All requirements are known up-front• When it can be modified to handle changing
requirements beyond analysis phase • Solution and technology are known
![Page 8: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/8.jpg)
Various SDLC Models
• Prototyping Model when– Developers build a prototype during the requirements
phase– Prototype is evaluated by end users and users give
corrective feedback – Requirements are unstable or have to be clarified – Short-lived demonstrations – New, original development– With the analysis and design portions of object-
oriented development.
![Page 9: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/9.jpg)
Type of Information Systems
• Transaction Processing Systems
• Management Information Systems
• Decision Support Systems
![Page 10: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/10.jpg)
MIS Structure
• Strategic – Top management
• Tactical – Middle Management
• Operational – Lower Management
![Page 11: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/11.jpg)
Strategic
• External information – Competitive forces, customer actions, resource availability, regulatory approvals
• Predictive information – long term trends
• What if information
![Page 12: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/12.jpg)
Strategic Management
• The People– Board of Directors– Chief Executive Officer– President
• Decisions– Develop Overall Goals– Long-term Planning– Determine Direction
• Political• Economic• Competitive
![Page 13: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/13.jpg)
Tactical
• Historical information- descriptive
• Current performance information
• Short term future information
• Short term what if information
![Page 14: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/14.jpg)
Tactical Management
• People– Business Unit
Managers– Vice-President to
Middle-Manager
• Decisions– short-medium range
planning– schedules– budgets– policies– procedures– resource allocation
![Page 15: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/15.jpg)
Operational
• Descriptive historical information
• Current performance information
• Exception reporting
![Page 16: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/16.jpg)
Operational Management
• People– Middle-Managers to– Supervisors– Self-directed teams
• Decisions– short-range planning– production schedules– day-to-day decisions– use of resources– enforce polices– follow procedures
![Page 17: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/17.jpg)
MIS System
• MIS provides information about the performance of an organization
• Think of entire company (the firm) as a system.
• An MIS provides management with feedback
![Page 18: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/18.jpg)
The FirmProcessing
MIS: The Schematic
Input: Raw Materials, Supplies, Data, etc.
Output: Products, Services, Information etc.MIS
Managers, VPs, CEO
![Page 19: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/19.jpg)
MIS - Questions
Q: How are we doing?A: Look at the report from the MIS
Generic reports: Sales, Orders, Schedules, etc.Periodic: Daily, Weekly, Quarterly, etc.Pre-specified reports
Obviously, such reports are useful for making good decisions.
![Page 20: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/20.jpg)
How is a DSS different?
MIS• Periodic reports
• Pre-specified, generic reports
DSS• Special reports that may
only be generated once
• May not know what kind of report to generate until the problem surfaces; specialized reports.
![Page 21: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/21.jpg)
MIS vs. DSS: Some Differences
• In a DSS, a manager generates the report through an interactive interface– More flexible & adaptable reports
• DSS Reporting is produced through analytical modeling, not just computing an average, or plotting a graph.– Business Models are programmed into a DSS
![Page 22: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/22.jpg)
Decision Support System
• Broad based approach
• Human in control
• Decision making for solving structured/unstructured problems
• Appropriate mathematical models
• Query capabilities
• Output oriented
![Page 23: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/23.jpg)
Types of Decisions
Operational Tactical Strategic
Un-structured
Cash Management
Re-engineering a process
New e-business initiatives
Company re-organization
Semi-structured
Production Scheduling
Employee Performance Evaluation
Capital Budgeting
Mergers
Site Location
Structured Payroll
![Page 24: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/24.jpg)
Project Management
• Planning Tools– Gantt chart– PERT
• Interdependencies• Precedence relationships
• Project Management software
![Page 25: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/25.jpg)
Information Technology
• Some IT systems simply process transactions• Some help managers make decisions• Some support the interorganizational flow of
information• Some support team work
![Page 26: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/26.jpg)
When Considering Information,
• The concept of shared information through decentralized computing
• The directional flow of information
• What information specifically describes
• The information-processing tasks your organization undertakes
![Page 27: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/27.jpg)
INFORMATION FLOWS• Upward Flow of Information - describes the current
state of the organization based on its daily transactions.
• Downward Flow of Information - consists of the strategies, goals, and directives that originate at one level and are passed to lower levels.
• Horizontal Flow of Information - between functional business units and work teams.
![Page 28: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/28.jpg)
INFORMATION PROCESSING
1. Information Sourcing- at its point of origin.2. Information - in its most useful form.3.Creating information - to obtain new information.4.Storing information - for use at a later time.5.Communication of information - to other people or another location.
![Page 29: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/29.jpg)
Data Centers
• Centralised data environment– Data integration– Management awareness– Change impact
• Decentralised data environment– Functional specialisation– Local differences– User proximity– User confidence– Lack of central control– Corporate level reporting– Data redundancy– Loss of synergy
![Page 30: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/30.jpg)
IT Applications and Banking
![Page 31: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/31.jpg)
Banking Systems and software
– Multi currency– Multi lingual– Multi entity– Multi branch– Bulk transaction entry– High availability– Performance management
![Page 32: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/32.jpg)
Selection criteria
• Industry knowledge• Banking IT knowledge• Application familiarity• Project Management• Pricing options• Track record• Incumbency• Technical skills• Accessibility• Total Cost
![Page 33: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/33.jpg)
Other systems
• Electronic clearing and settlement systems– MICR/OCR– Debit Clearing system– Credit Clearing system– RTGS– Cheque truncation
• Electronic Bill presentment and payment– Decrease billing costs– Provide better service– New channels- new revenue
![Page 34: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/34.jpg)
Networking Systems
![Page 35: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/35.jpg)
Data communications
• Electronic mail
• Internet Connectivity
• Local Area Networking
• Remote Access Services
![Page 36: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/36.jpg)
Information System Security and Audit
![Page 37: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/37.jpg)
Computer Security
• Physical security
• Logical Security
• Network security
• Biometric security
![Page 38: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/38.jpg)
Physical Security
• Intrusion prevention- locking, guarding, lighting
• Intrusion detection mechanisms – Disturbance sensors, buried line sensors, Surveillance
• Document security
• Power supply
![Page 39: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/39.jpg)
Logical security
• Software access controls– Multiple type of access control– Internal access control – based on date, time
etc– Max tries– Audit trails– Priviliged access– Encryption
![Page 40: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/40.jpg)
Network Security
• Physical intrusion
• System intrusion
![Page 41: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/41.jpg)
Attacks
• Impersonation - forging identity
• Eavesdropping – Unauthorised read
• Data alteration – Unauthorised edits
• Denial of Service attacks - Overloading
![Page 42: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/42.jpg)
Intrusion Detection Systems
• Categories– NIDS – Network Intrusion Detection –
monitors packets on network– SIV – System Integrity Verifier – files sum
check– Log file Monitor – Log entry patterns
• Methods– Signature recognition – Pattern recognition– Anomaly detection – Statistical anomalies
![Page 43: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/43.jpg)
Firewalls
• First line or last line of defence?
![Page 44: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/44.jpg)
Others
• VPN
• Encryption
• Honey pots
![Page 45: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/45.jpg)
Biometric Security
• Signature recognition
• Fingerprint recognition
• Palmprint recognition
• Hand recognition
• Voiceprint
• Eye retina pattern
![Page 46: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/46.jpg)
Communication Security
• Cryptography
• Digital Signatures
• PKI
• CA
![Page 47: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/47.jpg)
Cryptography
• Art and science of keeping files and messages secure.
• Encryption
• Key – to encode– DES and Triple DES, IDEA– Safe key length
• Cipher
• Decryption
![Page 48: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/48.jpg)
Digital Signatures
• Usage
• Verification
• Why use?– Authenticity– Integrity– Confidentiality– Non repudiation
• Prerequisites – Public private key pair, CA
![Page 49: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/49.jpg)
PKI- Public Key Infrastructure
• A framework for secure and trustworthy distribution of public keys and information about certificate owners called clients
• Client
• Key Management– High quality secret keys– Generation
• Key distribution
![Page 50: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/50.jpg)
CA- Certification Authority
• Central Authority
• Hierarchical
• Web of Trust
![Page 51: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/51.jpg)
Disaster Management
• Natural
• Accidents
• Malicious
![Page 52: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/52.jpg)
Disaster Management
• Disaster avoidance– Inventory– Risk Management
• Disaster Recovery– Data off site– Data off line– Data out of reach– Test
![Page 53: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/53.jpg)
Business Continuity Planning
• Employee awareness
• Fire detection and prevention
• Hardcopy records
• Human factors
• LAN
• Media handling and storage
![Page 54: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/54.jpg)
DRP – Disaster Recovery Planning
• Preplanning
• Vulnerability assessment
• BIA – Business Impact Assessment
• Detailed definition – RTO and RPO
• Plan development
• Testing
• Maintenance program
![Page 55: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/55.jpg)
IS Audit
• Objectives– Safeguarding assets– Data Integrity– Process Integrity– Effectiveness auditing– Efficiency auditing– Importance
![Page 56: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/56.jpg)
IS Audit Procedures
• Audit objectives
• Planning– Who, how and reporting structures
• Audit Software – execution
• Reporting
![Page 57: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/57.jpg)
System Audit - Security
• Environmental Controls• Access controls• Input controls• Communication controls• Processing controls• Database controls• Output controls• Control of last resort (DRP, Insurance)
![Page 58: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/58.jpg)
Cyber Law
• IT Act 2000– Legal recognition of electronic records– Acknowledgement of receipt of electronic records– Legal recognition of digital signatures– Submission of forms in electronic means– Receipt or payment by fee or charge– Retention of electronic records– Publication of rules, regulation in electronic form– CA to issue digital certificate
![Page 59: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/59.jpg)
Some legal issues
• Data theft
• Email abuse
• Data alteration
• Unauthorised access
• Virus and malicious code
• Denial of Service
![Page 60: CAIIB - General Bank Management -Technology Management – MODULE C Madhav Prabhu M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL prabhu.madhav@gmail.com.](https://reader035.fdocuments.net/reader035/viewer/2022081511/56649d255503460f949fb6d0/html5/thumbnails/60.jpg)
Thank You