M. Revathy sriram, Ph.D., FCA, DMA (ICA), FCMA, FCS, DISA, CISA, CISM, CGEIT, CRISC,CFE, Managing Director of Tejas Brainware Systems Private Limited, Chennai, India (www.tejasbrainware.com), an organization totally dedicated to consultancy services in the area of Information Systems Security Assurance.

Dr. Revathy Sriram is a double graduate (Mathematics and Law) and a senior Chartered Accountant with extensive experience and academic qualifications in the area of Computer Security. Apart from presenting papers at many conferences, national and international, she has been providing faculty support to professional bodies. She has authored a book Systems Audit, which was the first book by an Indian to be included in the bookstore of International body ISACA in the United States.

 The Book

This compact and concise study provides a clear insight into the concepts of Core Banking Solution (CBS)—a set of software components that offer today’s banking market a robust operational customer database and customer administration.

It attempts to make core banking solution familiar to the professionals and regulatory authorities, who are responsible for the control and security of banks, and shows that by using CBS, banking services can be made more customer friendly.

This well-organized text, divided into two parts and five sections, begins (Part I) with the need for core banking solution technology in banking system, its implementation and practice. It then goes on to a detailed discussion on various technology implications of ATM, Internet banking, cash management system and so on. Part I concludes with Business Continuity Planning (BCP) and Disaster Recovery Planning (DCP).

Part II focuses on components of audit approach of a bank where the core banking solution has been in operation. Besides, usage of audit tools and study of audit logs have been discussed.

The Second Edition includes new sections on outsourcing of ATM operations, printing of ATM card, printing of Pin Mailers, mobile banking, Point of Sale (POS), financial inclusion, vulnerability assessment, penetration testing and so on. Besides, many topics have been discussed extensively and updated to make the book more comprehensive and complete.


 Suggested checklists for performing audits are included.
 An exclusive chapter is devoted to Case Studies based on fraudulent      activities in banks due to lack of security and controls.
 Useful Web references have been provided.
 Contains relevant standards of international body ISACA, USA.

This book would be useful for Chartered Accountants who are Auditors of various banks. It would help the External System Auditors and the Auditors who perform concurrent system audit of banks and also the Officers of the Department of Banking Supervision of the Reserve Bank of India and others who have the responsibilities of regulating the security and controls in the banks.

In addition, it would be extremely useful to the bankers who have Information Technology as one of the subjects for the CAIIB examination.

This book is a trailblazer in the Indian Banking scene. It makes tremendous andvital contribution to the aspect of Computer Assurance and Risk Management in Banking. 
— N. VITTAL, I.A.S. (Retd.), Former Central Vigilance Commissioner




 The Book

Foreword. Introduction. Preface. Preface to the First Edition. Acknowledgements.

Part 1—core Banking solution: Its Functions, applications and Managing system.

    1. What is Core Banking Solution (CBS)?. 
    2. Technology Behind Core Banking      Solution (CBS). 
    3. Implementation of Core Banking      Solution (CBS).
    4. Functions of the Information      Technology Department. 
    5. Systems and Procedures for Effective      Implementation of CBS. 
    6. Application Program Modules and their      Functionality. 
    7. Activating the Branches. 
    8. ATM Functionality—How it works.
        Gross Settlement, Cash Management          System,Mobile and Financial Inclusion. 
    10. Security Policy. 
    11. Business  Continuity  Planning (BCP)        and Disaster RecoveryPlanning (DRP). 

    Part 2— Evaluation of security and control. 

    12. Scope of Evaluation of Security and        Controls in a Core Banking Solution. 
    13. Review of Security Policy         Implementation. 
    14. Review of Business Continuity        Planning and Disaster Recovery        Planning. 
    15. Systems Development and Change        Management. 
    16. Network Security. 
    17. Evaluation of Controls in Operating        System. 
    18. Testing of Application Modules of Core        Banking Solution. 
    19. Evaluation of Controls in ATM        Operations. 
    20. Evaluation of Controls in Internet         Banking.
    21. Evaluation of Controls and Audit of        Branches. 
    22. Review of System Logs. 
    23. Audit Tools. 
    24. Instances of Frauds, Its Causes and        Controls. 
    25. Relevant ISACA Standards,         Guidelines and Procedures.

    Relevant RBI Circulars and Notifications. 
    Glossary of Terms. 
    Web References.