31 December 2010
RBI/2010-11/340 DPSS.CO.OSD. No. 1444 /06.11.001/2010-2011
December 27, 2010
To All Scheduled Commercial Banks / Authorised Payment System Operators
Dear Sir,
Directions for submission of system audit reports from CISA qualified Auditor
Please refer to our circular Ref No. DPSS.1206/ 02.27.005/2009-10 dated 7th December 2009 on the captioned subject.
2. All authorised entities are advised to furnish their respective system audit reports from a CISA qualified auditor on an annual basis. Authorised entities which follow an April-March financial year, the system audit report should be submitted within two months i.e. by 1st June of that year. Authorised entities, which follow a calendar year annual closing, are advised to submit their system audit reports by 1st March of the following year.
3. These directions are issued under Section 6(1) of the Payment and Settlement Systems Regulations 2008 read with Section 12 of the Payment and Settlement Systems Act, 2007.
Yours faithfully
G. Srinivas (General Manager)
Does that Mean the Importance of DISA (ICAI) will be affected. I expect the Comment of experts in this matter
31 December 2010
Yes i think your contention is correct as CISA is not given by ICAI. Also there could be a mistake in the notification also as in India i think only DISA (ICAI) is recognised.
13 March 2011
Can any body tell me what should our ICAI do when such kind of circular are released. I mean if this is the case then why one would do DISA? He / She will do directly the CISA. To be more precise i would like to raise a question here that what is the use of DISA if that is not enough fot bank system audit? I expect the Comment of experts in this matter..... Thanks in advance
To all Authorised Payment System Operators & Entities
Dear Sir,
Submission of system audit reports
Please refer to our earlier circulars DPSS.AD.No./1206/02.27.005/2009-2010 dated December 7, 2009 and DPSS.1444/ 06.11.001/ 2010-2011 dated December 27, 2010 on the captioned subject.
In partial modification of the instructions contained therein, it is advised that the system audit may be conducted by a Certified Information Systems Auditor (CISA) and registered with Information Systems Audit and Control Association (ISACA) or by a holder of a Diploma in Information System Audit (DISA) qualification of the Institute of Chartered Accountants of India (ICAI).