Course Details

Information System (IS) Audit in Banks for IS Auditors

  • Title : Information System (IS) Audit in Banks for IS Auditors
  • Course TYPE : Training Course
  • Course No : TC10/2021
  • Duration : 05
  • Frequency : 01
  • Time : Sunday 4th of April 2021 - Thursday 8th of April 2021
  • Nature: Online
  • Target Group : Senior Officer or Equivalent Officer and above who are working in the ICC/Audit department having IT Background
  • Methods : Lecture, Group Discussion and Case Study
  • Resource Person: BIBM Faculty and Professionals from Financial and other Institutions
  • Coordination Team :
    1 . Md. Shihab Uddin Khan
    2 . Md. Foysal Hasan
  • Objectives:

    a.  To Enable the Participants to Understand IS Audit with a Heightened Awareness of Security and Control Concerns.   

    b. To Enhance the Skill of the Participants to Develop Effective IS Audit Policy and Conduct IS Audit in Banks with Care and Confidence.

  • Contents:

    a. Fundamentals of IT-Based Products and Services in Banks.

    b. Fundamentals of Information Security in Banks, Cyber Attack and Online Frauds in Banks and Preventive Measures.

    c. Concept of IS Audit and Audit Process in Banks: Planning, Audit opening meeting, Creating auditing program and Set the scope.

    d. IS Audit Checklist in Banks: ICT Operation Management, ADCs Management, Asset Management and Devices Controls, ICT Security Management, Physical and Environment Security Management, Information Security Standard, IT Risk Management, Software Development and Acquisition, Business Continuity and Disaster Recovery Management, Impact of Last Inspection Report.

    e. Inspection of Data Access Control and Malware Management of Online Bank.

    f. Inspection of Network Security, Vulnerability Assessment, and Penetration Testing.

    g. IT Risk Management Audit: Risk IT Framework for the governance and control of IT-Based Business Solutions and Services.

    h. Audit of Outsourcing and Service Provider Management in Banks.

    i. Overview of ISO 27001/2: IS Audit Standard for IT Auditors.

    j. Case Study on IS Audit and Inspection in Banks.

    k. Case study on IT Risk Assessment: Risk Register, Risk Mapping/Matrix, and Risk Mitigation Plan.

    l. Implementation of Cyberlaw- ICT Act-2006 and Digital Security Act-2018.

1. BIBM member banks can access the online nomination form before forty (40) days of the commencement of programs. BIBM member banks can nominate a maximum number of three (03) participants for a Training Course / Training Workshop. The maximum number of participants in each Training Course / Training Workshop is 40. However, if the number of total nominees exceeds the maximum number, a final list of 40 participants will be prepared by the BIBM authority which will be available online five (05) days prior to the commencement of the Training Course / Training Workshop. Information in regard to rejection of any nomination will be communicated to the concerned bank at least three (03) days before the commencement of the Training Course / Training Workshop. No participant under the target group/level is allowed to participate in any Training Course / Training Workshop.

2.  All member banks are required to pay Tk.1000 per day per participant including holidays (if any) as a course fee. All charges are excluding VAT and Tax.

3. The pay order/bank draft drawn in favor of ‘Bangladesh Institute of Bank Management” has to be sent at least seven (07) days prior to the commencement of the Training Course / Training Workshop.

4. BIBM will send Meeting ID to the nominated participants (through email) to join the zoom meeting app-based interactive session. Moreover, the course Coordination Team and BIBM Training Wing will regularly communicate with the nominated participants for further updates.

5. The Training for each day will be as follows:

1st Session: 11.00 am – 12.00 pm      

2nd Session 12.05 pm – 13.05 pm

Lunch & Prayer Break: 13.05 pm – 14.05 pm

3rd Session 14.05 pm – 15.05 pm

4th Session 15.10 pm – 16.10 pm