Course Details


Information System Audit in Banks for IT Officials

  • Title : Information System Audit in Banks for IT Officials
  • Course TYPE : Training Course
  • Course No : TC22/2024
  • Duration : 05 Working Days
  • Frequency : 01
  • Time : Sunday 12th of May 2024 - Thursday 16th of May 2024
  • Nature: On-campus (Residential)
  • Target Group : Senior Officer or Equivalent Officer and above who are working in the ICC/Audit department having IT Background
  • Methods : Lecture, Group Discussion, Case Study and Practical Demonstration.
  • Resource Person: BIBM Faculty and Professionals from Financial and other Institutions
  • Coordination Team :
    1. Md. Shihab Uddin Khan
    2. Kaniz Rabbi
  • Objectives:

    a.    To Enable the Participants to Understand IS Audit Highlighting Security and Control Concerns.             

    b.    To Enhance the Skill of the Participants to Conduct Effective IS Audit in Banks with Care and Confidence.

  • Contents:

    a. IT-Based Products and Services in Banks.

    b. Fundamentals of Information Security in Banks, Cyber Attack and Online Frauds in Banks and Preventive Measures.

    c. Concept of IS Audit and Audit Process in Banks: Planning, Audit opening meeting, creating auditing program, and setting the scope.

    d. IS Audit Checklist in Banks: ICT Operation Management, ADCs Management, Asset Management, and Devices Controls, ICT Security Management, Physical and Environment Security Management, Information Security Standard, IT Risk Management, Software Development and Acquisition, Business Continuity and Disaster Recovery Management, Impact of Last Inspection Report.

    e. Inspection of Data Access Control and Malware Management of Online Bank.

    f. Inspection of Network Security.

    g. Practical Demonstration of Vulnerability Assessment and Penetration Testing (VAPT).

    h. IT Risk Management Audit: Risk IT Framework for the governance and control of IT-Based Business Solutions and Services.

    i. Audit of Outsourcing and Service Provider Management in Banks.

    j. Case Study on IS Audit and Inspection in Banks.

    k. Case study on IT Risk Assessment: Risk Register, Risk Mapping/Matrix, and Risk Mitigation Plan.

    l. Implementation of Cyber Law: Cyber Security Act, 2023 and Digital Security Act.

Criteria for Nomination for BIBM Training

a. BIBM member banks can access the online nomination form forty (40) days before the commencement of programs. BIBM member banks can nominate a maximum of three (03) participants for a Training Workshop. The maximum number of participants in each Training Workshop is 40. However, if the total number of nominees exceeds the maximum, a final list of 40 participants will be prepared by the BIBM authority and made available online five (05) days before the commencement of the Training Workshop. Information regarding the rejection of any nomination will be communicated to the concerned bank at least three (03) days before the commencement of the Training Workshop. No participant below the target group/level is allowed to participate in any Training Workshop.

b. As per the decision of the BIBM Governing Board, BIBM Member Banks (except Bangladesh Bank) are required to pay BDT 1700* per day per participant, including holidays (if any), as training fees, which also include Accommodation, Food, and other miscellaneous expenses. However, for Bangladesh Bank, the fee is BDT 700 per day per participant. All fees exclude VAT and Tax.

c. The pay order/bank draft drawn in favor of ‘Bangladesh Institute of Bank Management’ must be sent at least seven (07) days before the Training Course/Workshop commences.

d. The Training for each day will be as follows:

Time         Session
0945-1045    1st Session
1045-1100    Break
1100-1200    2nd Session
1200-1215    Break
1215-1315    3rd Session
1315-1345    Prayer Break
1345-1445    4th Session