Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Your audit client, Bank of Vancouver, a new client of your audit form has provided you with some background information about their IT process: Bank

Your audit client, Bank of Vancouver, a new client of your audit form has provided you with some background information about their IT process:

Bank of Vancouver is a holding company that operates banks in five provinces and two states to provide commercial lending and banking operations—as well as credit card, trust, mortgage, investment, and advisory services. They expect to report $20 Billion in assets for 2017. Responsibility for Business Continuity Management (BCM) falls to the CIO, who joined the company in 2016 to oversee the organization's Business Continuity Planning (BCP), Disaster Recovery Plan (DRP), and Information Security. With the threats of cyberattack in the financial industry, Bank of Vancouver is also looking into its cybersecurity program to identify ways to improve it.

The CIO came from many years of IT experience in the manufacturing sector. External consultant are also hired to handle the development of the BCP and DRP, as well as the security program in order to obtain external knowledge and expertise. The External vendors manage the project and keep all the documentation on behalf of the Bank. The External vendors will inform the Bank when there are areas needed for attention and also notify the Bank when there are security incidents that the Bank should be aware of.  

The CIO meet with the external vendors on an annual basis to make sure that the vendors have no issues delivering their service to the Bank. Other than this annual meeting, the Bank receives one SOC report from one of the vendors who are hosting a cold site for the Bank and also many other companies. The SOC report is filed by the Accounting Department for Vendor management purpose.

With respect to the program, IT involves the Procurement Department headed by the Financial Controller to make sure the purchases are made in accordance to the Financial Plan and Budget of the Company.  The CEO annually approves the Budget. For the DRP, the External Vendor run annual test at their sites to make sure it is workable. They would also contact the various departments of the Bank if they require any information to update the DRP. A standard questionnaire form is used by the Vendor.

As the IT auditor to Bank of Vancouver, make memo to your audit partner outlining some potential issues to the BCP/DRP and Cybersecurity program at the Bank.

Step by Step Solution

3.45 Rating (158 Votes )

There are 3 Steps involved in it

Step: 1

Answer The auditors were hired by Bank of V for the specific reason specified in the letter of engagement of auditing The audit engagement requirements included thoroughly analysing the banks informat... blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Managerial accounting

Authors: ramji balakrishnan, k. s i varamakrishnan, Geoffrey b. sprin

1st edition

471467855, 978-0471467854

More Books

Students also viewed these Law questions