Course Details

Information System Audit in Banks for IT Officials

  • Title : Information System Audit in Banks for IT Officials
  • Course TYPE : Training Course
  • Course No : TC22/2022
  • Duration : 05 Working Days
  • Frequency : 01
  • Time : Sunday 22nd of May 2022 - Thursday 26th of May 2022
  • Nature: Online
  • Target Group : Senior Officer or Equivalent Officer and above who are working in the ICC/Audit department having IT Background
  • Methods : Lecture, Group Discussion, case study and Practical Demonstration
  • Resource Person: BIBM Faculty and Professionals from Financial and Other Institutions
  • Coordination Team :
    1 . Md. Shihab Uddin Khan
    2 . Md. Foysal Hasan
  • Objectives:

    a.To Enable the Participants to Understand IS Audit Highlighting Security and Control Concerns.  

    b. To Enhance the Skill of the Participants to Conduct Effective IS Audit in Banks with Care and Confidence.

  • Contents:

    a. IT Based Products and Services in Banks.

    b. Fundamentals of Information Security in Banks, Cyber Attack and Online Frauds in Banks and Preventive Measures.

    c. Concept of IS Audit and Audit Process in Banks: Planning, Audit opening meeting, Creating auditing program and Set the scope.

    d. IS Audit Checklist in Banks: ICT Operation Management, ADCs Management, Asset  Management and Devices Controls, ICT Security Management, Physical and Environment Security Management, Information Security Standard, IT Risk Management, Software Development and Acquisition, Business Continuity and Disaster Recovery Management, Impact of Last Inspection Report.

    e. Inspection of Data Access Control and Malware Management of Online Bank.

    f. Inspection of Network Security.

    g. Practical Demonstration on Vulnerability Assessment and Penetration Testing (VAPT).

    h. IT Risk Management Audit: Risk IT Framework for the governance and control of IT-Based Business Solutions and Services.

    i. Audit of Outsourcing and Service Provider Management in Banks.

    j. Case Study on IS Audit and Inspection in Banks.

    k. Case study on IT Risk Assessment: Risk Register, Risk Mapping/Matrix and Risk Mitigation Plan.

    l. Implementation of Cyber Law: ICT Act-2006 and Digital Security Act-2018.

Terms and Conditions:

1. BIBM member banks can access the online nomination form before forty (40) days of the commencement of programs. BIBM member banks can nominate a maximum number of five (05) participants for a Training Course / Training Workshop. The maximum number of participants in each Training Course / Training Workshop is 40. However, if the number of total nominees exceeds the maximum number, a final list of 40 participants will be prepared by the BIBM authority which will be available online five (05) days prior to the commencement of the Training Course / Training Workshop. Information in regard to rejection of any nomination will be communicated to the concerned bank at least three (03) days before the commencement of the Training Course / Training Workshop. No participant under the target group/level is allowed to participate in any Training Course / Training Workshop.

2.  All member banks are required to pay Tk.1000 per day per participant including holidays (if any) as a course fee. All charges are excluding VAT and Tax.

3. The pay order/bank draft drawn in favor of ‘Bangladesh Institute of Bank Management” has to be sent at least seven (07) days prior to the commencement of the Training Course / Training Workshop.

4. BIBM will send Meeting ID to the nominated participants (through email) to join the zoom meeting app-based interactive session. Moreover, the course Coordination Team and BIBM Training Wing will regularly communicate with the nominated participants for further updates.

5. The Training for each day will be as follows:

1st Session: 11.00 am – 12.00 pm      

2nd Session 12.05 pm – 13.05 pm

Lunch & Prayer Break: 13.05 pm – 14.05 pm

3rd Session 14.05 pm – 15.05 pm

4th Session 15.10 pm – 16.10 pm