Avatar of sunhux
sunhux asked on

List of Infra audit & security guidelines for banking environment

Urgently need a list of audit & security guidelines that are specific /
unique to banking:

a) IT staff needs to take continuous block leave of 7 working days?
b) a reason has to be keyed in for system admin whenever he/she
     login to Prod system?

To detect fraud  & prevent data alteration,
c) using ACL, IDEA to detect fraud or unauthorized data alteration
d) screen log / key log system admin's access to systems (guess this
     is only feasible in command line based systems like Unix & OpenVMS
     but for Windows is there a tool that reports what are the files being
     changed / modified and system activities ? )
e) what are the more common COBIT & SOX practices applicable to banking ?
f) data encryption to encrypt sensitive files from prying eyes of system admin
g) Is Continuous Data Protection (CDP) to enable Point-In-Time recovery
    essential in banking environment?
h) regular test restoration of tapes & how long is the tapes retention like
     that's required by regulatory authority?
Network AnalysisSecurityEncryption

Avatar of undefined
Last Comment
btan

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
btan

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck