Audit

An important component of monitoring is an appropriate independent audit function. Financial institutions offering e-banking products and services should expand their audit coverage commensurate with the increased complexity and risks inherent in e-banking activities. Financial institutions offering e-banking services should ensure the audit program expands to include:

  • Scope and coverage, including the entire e-banking process as applicable (i.e., network configuration and security, interfaces to legacy systems, regulatory compliance, internal controls, and support activities performed by third-party providers);
  • Personnel with sufficient technical expertise to evaluate security threats and controls in an open network (i.e., the Internet); and
  • Independent individuals or companies conducting the audits without conflicting e-banking or network security roles.

 

Previous Section
Monitoring and Accountability
Next Section
Managing Outsourcing Relationships