Is audit

DISA  / CISA  qualified  members can  do Information system audit 

Pass %  of DISA  ( JUNE 2014 ) was just 6%  . CISA is also  very tough  , though  objective type  questions were to be answered 

Audit focuses on vulnerabilty assessment & penetration testing 

Cyber fraud is a real threat  and the  amount involved  surpasses  narcotic   & arms trade 

Recent  comment  by  RBI Governor Mr. Raghram Rajan  is  note worthy  . Banks and financial Institutions  are  the major target  

As a professional opportunity   Fees  matters us  .  To perform the audit not only qualification but also  lot of knowledge  & skills are needed , we may need to employ  computer professional also .  IN  INDIA   there is  a Government  Organisation  bY  name  C.E.R.T  giving accredition  to Audit Firms . Scope is very vast  both in India & abroad 

Now a days  as a routine excercise  Banks are getting their ATMs IS audited   According to information  fees is  around Rs 5000/ . 

Can you suggest some very useful materials (other than those published by ISACA) for equipping oneself for understaning the nitty gritties of how to conduct such audits ? 

I  qualified   DISA  in last June . . Just focused to pass the exam .  Knowledge  is a concern for me .   Ron weber's Book  " Information system control & Audit "   ( Pearson )  is a widely read book 

What  CA s   lack is technical knowledge &  Technology is fast changing .    

 For that "  Computer today "  was suggested 

Our  Institute has changed the syllabus & pattern  recently  . They have included  certain project work / practical session  also now     Institute's material  refer lot of books at the end of each chapter  

However  I have  not read any of these book  .   All the best 

Your  intiative is really appreciated  

We can build up Knowledge  through simple  question answer sessions . As also the task gets simoplified since many  can contribute  to make  the whole  

Pl go ahead . start in a systematic  manner  .

Mr. Hareesh, what you said is correct.  For accadamic interest you can go for DISA and you can have one more certificate in your file.  On remuneration point of view the fees you are getting from banks on IS audit is very low.  I did IS audit for more than 7 years for KVB branches and was given a lump sum fees of Rs. 3000 per branch.  Just to have some sort of experience in IS audit I did.  2 years back I refused the audit offer given by this bank.  The amount prescribed is an insult to our profession.  When DISA was introduced, Mr. Santhana Krishnan was central council member and he was the chairman of IT committee (I think so).  To popularise the couse he was telling, you would get more IS audit from banks and just as branch statutory audit, for IS audit also our institute would commence separate empanelment.  But nothing happened.  No bank is giving priority to IS audit particularly for DISA qualification.  If you are CISA qualified, you may get some assainments. 

Right   Satyanarayananji   -  The fee of 3000/ is an insult  . But some of our collegues are pursuing  it . My friend  told me that  few used to deploy their Aricles and grab this amount . Some members   do this  if lot of  branches are offered  and the overall fees is  ok 

DISA / CISA qualification  is ( directly indirectly  ) insisted  for empnelments . Because when there is a choice  a member with these  would be prefered . For  Central Auditors   I think at least  2 members should DISA / CISA qualified  . Every where ( concurrent audit / CAG ) it asked whether  CISA / DISA  qualified .    

But  if you get   C.E.R.T accredition  oppurtunities are said to be better  . Because  IS  audits  of   P.S.U    fetch  huge amounts ( I was told  around 20 Lakhs )    But we need to be equipped for that  . A big partnership  with   members  havig  specialised   areas   

Mr. Santhana krishnan  is still there  at the helm  . Let  us hope for the best 

Recently  I did   FAFD  &  CONCURRENT AUDIT courses  . Attendance was  good   . What I   noticed  is  when other areas dry up  we think of  these certifications and  other empanelment  requirements. These become  feather in the cap 

One member asked during the session   that  despite the fee for concurrent audit  being very low  there are lot of applicants  and whether this is attributed to poverty amongst  the members . One  corrected  " it is not due  to poverty  but LIBERTY " 

Thanks a lot everyone for support and sharing knowledge. hope will enjoy this platform.