sunhux
asked on
List of Infra audit & security guidelines for banking environment
Urgently need a list of audit & security guidelines that are specific /
unique to banking:
a) IT staff needs to take continuous block leave of 7 working days?
b) a reason has to be keyed in for system admin whenever he/she
login to Prod system?
To detect fraud & prevent data alteration,
c) using ACL, IDEA to detect fraud or unauthorized data alteration
d) screen log / key log system admin's access to systems (guess this
is only feasible in command line based systems like Unix & OpenVMS
but for Windows is there a tool that reports what are the files being
changed / modified and system activities ? )
e) what are the more common COBIT & SOX practices applicable to banking ?
f) data encryption to encrypt sensitive files from prying eyes of system admin
g) Is Continuous Data Protection (CDP) to enable Point-In-Time recovery
essential in banking environment?
h) regular test restoration of tapes & how long is the tapes retention like
that's required by regulatory authority?
unique to banking:
a) IT staff needs to take continuous block leave of 7 working days?
b) a reason has to be keyed in for system admin whenever he/she
login to Prod system?
To detect fraud & prevent data alteration,
c) using ACL, IDEA to detect fraud or unauthorized data alteration
d) screen log / key log system admin's access to systems (guess this
is only feasible in command line based systems like Unix & OpenVMS
but for Windows is there a tool that reports what are the files being
changed / modified and system activities ? )
e) what are the more common COBIT & SOX practices applicable to banking ?
f) data encryption to encrypt sensitive files from prying eyes of system admin
g) Is Continuous Data Protection (CDP) to enable Point-In-Time recovery
essential in banking environment?
h) regular test restoration of tapes & how long is the tapes retention like
that's required by regulatory authority?
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Security
Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection. Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.
32K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
