Easy2Siksha.com
GNDU QUESTION PAPERS 2021
B.com 4
th
SEMESTER
ELECTRONIC BANKING & RISK MANAGEMENT
Time Allowed: 3 Hours Maximum Marks: 50
Note: Aempt Five quesons in all, selecng at least One queson from each secon. The
Fih queson may be aempted from any secon. All quesons carry equal marks.
1. What are the various e-banking services oered by a bank?
2. What are the security issues in electronic payment systems? How can security issues be
controlled?
3. Briey discuss the following terms:
(a) Nicknet
(b) 1-net
(c) Datanet
(d) Banknet.
4. What are the implicaons of informaon technology for customers and service quality
in banks?
5. What do you mean by Risk Management ? What are crucial components that must be
considered while creang a risk management framework in banks ?
6. What are the objecves of enterprise risk management? What is the dierence
between risk management and enterprise risk management ?
7. What is the scope of computer audit and also discuss its tools.
Easy2Siksha.com
8. What are the key elements in the framework for Asset Liability Management?
GNDU ANSWER PAPERS 2021
B.com 4
th
SEMESTER
ELECTRONIC BANKING & RISK MANAGEMENT
Time Allowed: 3 Hours Maximum Marks: 50
Note: Aempt Five quesons in all, selecng at least One queson from each secon. The
Fih queson may be aempted from any secon. All quesons carry equal marks.
1. What are the various e-banking services oered by a bank?
Ans: 1. What are the Various E-Banking Services Offered by a Bank?
Imagine a time when you had to visit a bank for every small task—checking your balance,
transferring money, or even paying a bill. Long queues, limited working hours, and
paperwork made banking slow and tiring. Today, thanks to e-banking (electronic banking),
all these services are available at your fingertips—anytime, anywhere.
What is E-Banking?
E-banking refers to banking services provided through electronic devices like mobile
phones, computers, ATMs, and the internet. It allows customers to perform financial
transactions without visiting a physical bank branch.
Think of it as your bank in your pocket.
Major E-Banking Services Offered by Banks
Let’s explore the most common and useful e-banking services one by one.
Easy2Siksha.com
1. Internet Banking (Online Banking)
This is one of the most widely used services. Banks provide a secure website where
customers can log in using their ID and password.
What you can do:
• Check account balance
• Transfer money
• View transaction history
• Download statements
• Pay bills (electricity, water, etc.)
Example: You sit at home, open your laptop, log in, and pay your electricity bill in 2
minutes.
2. Mobile Banking
Mobile banking apps have made banking even easier. Almost every bank provides an app.
Features:
• Instant money transfer
• UPI payments
• QR code scanning
• Recharge mobile or DTH
• Track expenses
Example: You pay a shopkeeper by scanning a QR code using your phone.
3. ATM Services (Automated Teller Machines)
ATMs are one of the earliest forms of e-banking.
Services available:
• Cash withdrawal
• Balance inquiry
• Mini statement
• Fund transfer (in some ATMs)
• PIN change
Example: You withdraw cash anytime—even at midnight.
Easy2Siksha.com
4. Electronic Fund Transfer (EFT)
This includes different methods to transfer money electronically between bank accounts:
(a) NEFT (National Electronic Funds Transfer)
• Used for transferring money in batches
• Available 24/7
(b) RTGS (Real Time Gross Settlement)
• For large transactions
• Instant transfer
(c) IMPS (Immediate Payment Service)
• Instant transfer, even on holidays
Example: You send money to a friend urgently using IMPS within seconds.
5. UPI (Unified Payments Interface)
UPI is one of the most popular services in India.
Features:
• Instant money transfer using mobile number or UPI ID
• Works 24/7
• No need for bank details
Example: You split a restaurant bill with friends using UPI.
6. Online Bill Payment
Banks allow you to pay utility bills directly.
Includes:
• Electricity
• Water
• Gas
• Mobile recharge
• DTH
Easy2Siksha.com
Example: No more standing in queues—pay everything online in minutes.
7. E-Commerce Payments
E-banking supports online shopping.
How it works:
• Use debit/credit card
• Net banking
• UPI
Example: You order clothes online and pay instantly using your bank account.
8. SMS Banking
Even without internet, banks provide services via SMS.
Services:
• Balance inquiry
• Mini statement
• Alerts for transactions
Example: You send a simple SMS and get your account balance instantly.
9. Email Alerts and Notifications
Banks keep you informed through email.
Includes:
• Transaction alerts
• Monthly statements
• Security notifications
10. E-Statements
Instead of paper statements, banks provide digital statements.
Easy2Siksha.com
Benefits:
• Eco-friendly
• Easy to store and access
• Instant download
11. Card Services (Debit/Credit Card Management)
Through e-banking, you can:
• Block/unblock cards
• Set transaction limits
• Generate PIN
• Track spending
Simple Diagram of E-Banking System
+------------------+
| CUSTOMER |
+------------------+
|
----------------------------------------
| | | |
Mobile App Internet ATM Machine SMS
Banking
| | | |
----------------------------------------
|
+------------------+
| BANK |
| (Core Banking) |
+------------------+
|
+------------------+
| Other Services |
| (UPI, NEFT, etc.)|
+------------------+
Advantages of E-Banking
• Convenience – Available 24/7
• Time-saving – No need to visit banks
• Fast transactions – Instant transfers
• Cost-effective – Reduces travel and paperwork
Easy2Siksha.com
• Secure – Protected with passwords, OTPs, and encryption
Precautions While Using E-Banking
• Never share your OTP or password
• Use secure internet connections
• Log out after transactions
• Avoid using public computers
Conclusion
E-banking has completely transformed the way we interact with banks. What once required
time, effort, and physical presence can now be done in seconds using a smartphone or
computer. From transferring money to paying bills, from shopping online to managing
accounts—everything is just a click away.
In simple words, e-banking is not just a service—it’s a lifestyle upgrade. It makes banking
faster, easier, and smarter, especially in today’s digital world.
2. What are the security issues in electronic payment systems? How can security issues be
controlled?
Ans: Security Issues in Electronic Payment Systems & Their Control (Simple Explanation)
Electronic payment systems (like UPI, debit/credit cards, mobile wallets, and net banking)
have made life very convenient. Today, you can send money within seconds using apps like
Google Pay or PhonePe. But with this convenience comes risk. Just like carrying cash can
lead to theft, digital money can also be stolen if proper security is not maintained.
What are Security Issues in Electronic Payment Systems?
Security issues are the problems or risks that can lead to loss of money, theft of personal
data, or unauthorized access to your account.
1. Hacking and Unauthorized Access
Easy2Siksha.com
Hackers try to break into systems or user accounts. If they get access to your login details
(like password, OTP, or PIN), they can transfer money without your permission.
Example: Someone guesses your weak password or uses stolen credentials to access
your bank account.
2. Phishing Attacks
Phishing is when fraudsters trick users into giving sensitive information like passwords or
OTPs.
Example: You receive a fake message pretending to be from your bank asking you to
“update your account” and you unknowingly enter your details.
3. Malware and Viruses
Malicious software (malware) can enter your device through unsafe downloads or links and
steal your data.
Example: A fake app installs spyware that records your keystrokes (like passwords).
4. Data Theft and Privacy Issues
Sensitive information like card details, bank account numbers, and personal identity can be
stolen from insecure systems.
Example: A company’s database gets hacked and users’ card details are leaked.
5. Man-in-the-Middle (MITM) Attacks
In this attack, a hacker secretly intercepts communication between two parties.
Example: Using public Wi-Fi, a hacker intercepts your payment data.
6. Identity Theft
Fraudsters use someone else's identity to perform transactions.
Easy2Siksha.com
Example: Using your stolen documents, someone opens a fake account.
7. Weak Authentication Systems
If a system only uses simple passwords, it becomes easy for attackers to break in.
Example: Using “123456” or “password” makes your account highly vulnerable.
How Can Security Issues Be Controlled?
Now let’s see how we can protect electronic payment systems.
1. Strong Authentication Methods
Use multiple layers of security like:
• Password + OTP
• Fingerprint or Face ID
This is called Two-Factor Authentication (2FA).
2. Encryption Technology
Encryption converts your data into a coded form so that hackers cannot read it.
Example: Secure websites use HTTPS (you see a lock in the browser).
3. Awareness and User Education
Users should:
• Never share OTP or PIN
• Avoid clicking unknown links
• Verify messages before responding
Most fraud happens due to lack of awareness.
Easy2Siksha.com
4. Secure Networks
Avoid using public Wi-Fi for payments. Always use secure and trusted networks.
5. Regular Software Updates
Updating apps and devices helps fix security bugs and vulnerabilities.
6. Firewalls and Antivirus Protection
Security software can detect and block malicious activities.
7. Transaction Alerts
Banks send SMS or app notifications for every transaction.
This helps you quickly detect fraud.
8. Tokenization
Instead of sharing real card details, systems use a “token” (a random code).
Even if stolen, it cannot be misused.
Simple Diagram for Understanding
User → Payment App → Bank Server → Payment Gateway → Receiver
(Security at every step: Encryption, Authentication, Monitoring)
Conclusion
Electronic payment systems have made transactions fast, easy, and efficient. However, they
also come with security risks like hacking, phishing, malware, and data theft. The good news
Easy2Siksha.com
is that these risks can be controlled through proper security measures such as strong
authentication, encryption, awareness, and secure systems.
3. Briey discuss the following terms:
(a) Nicknet
(b) 1-net
(c) Datanet
(d) Banknet.
Ans: Introduction
In the 1980s and 1990s, India’s banking and financial sector began adopting information
technology to improve efficiency. To enable secure communication between banks, financial
institutions, and government agencies, several networks were established. These included
Nicknet, 1-net, Datanet, and Banknet. Let’s explore each one in detail.
(a) Nicknet
• Meaning: Nicknet was a communication network developed by the National
Informatics Centre (NIC).
• Purpose: It connected government departments, public sector organizations, and
banks for secure data transfer.
• Features:
o Provided email and file transfer services.
o Used packet-switched technology for reliable communication.
o Helped in linking district-level offices with central government departments.
• Importance: Nicknet was one of the earliest attempts to create a nationwide data
communication backbone in India, laying the foundation for later government
networks.
(b) 1-net
• Meaning: 1-net was a communication system designed to support inter-bank
transactions and messaging.
• Purpose: It allowed banks to exchange information quickly, reducing reliance on
postal or manual communication.
• Features:
o Provided secure messaging between banks.
o Supported financial data transfer and settlement instructions.
o Helped in reducing delays in clearing and settlement.
• Importance: 1-net was a step toward digitizing banking operations, ensuring faster
and more reliable communication between institutions.
Easy2Siksha.com
(c) Datanet
• Meaning: Datanet was a data communication network established to connect
financial institutions and government agencies.
• Purpose: It enabled the transfer of large volumes of financial and statistical data.
• Features:
o Supported batch processing and real-time communication.
o Used leased lines and packet-switched technology.
o Facilitated reporting of financial statistics to regulators.
• Importance: Datanet was crucial for the Reserve Bank of India (RBI) and other
agencies to collect and analyze financial data efficiently.
(d) Banknet
• Meaning: Banknet was a dedicated communication network for banks, established
by the Reserve Bank of India (RBI) in 1991.
• Purpose: It connected banks across major cities to enable secure inter-bank
communication and payment processing.
• Features:
o Packet-switched X.25 based network.
o Nodes in Mumbai, Delhi, Chennai, and Kolkata, with a central switching hub
at Nagpur.
o Supported messaging, fund transfer instructions, and clearing operations.
• Importance: Banknet was a milestone in India’s banking sector, enabling faster
clearing of cheques, fund transfers, and communication between banks. It reduced
manual errors and improved efficiency.
Diagram to Visualize
+-------------------------+
| Communication Networks|
+-------------------------+
|
-----------------------------------------
| | | |
Nicknet 1-net Datanet Banknet
Govt. data Inter-bank Financial RBI’s secure
transfer messaging statistics banking network
Significance of These Networks
• Modernization: They marked India’s transition from manual to electronic
communication in banking.
• Security: Provided secure channels for sensitive financial data.
• Efficiency: Reduced delays in transactions and reporting.
• Foundation: Laid the groundwork for today’s advanced systems like NEFT, RTGS, and
UPI.
Easy2Siksha.com
Conclusion
Nicknet, 1-net, Datanet, and Banknet were pioneering communication networks that
transformed India’s banking and financial ecosystem. Each played a unique role—Nicknet in
government communication, 1-net in inter-bank messaging, Datanet in financial data
transfer, and Banknet in secure banking operations. Together, they built the backbone for
India’s digital payment revolution.
4. What are the implicaons of informaon technology for customers and service quality
in banks?
Ans: Implications of Information Technology for Customers and Service Quality in Banks
In today’s digital age, Information Technology (IT) has completely transformed the way
banks operate and serve their customers. Earlier, banking meant standing in long queues,
filling out forms, and waiting hours (or even days) for simple tasks like transferring money or
checking balances. But now, thanks to IT, banking has become fast, convenient, and
accessible anytime, anywhere.
1. What is Information Technology in Banking?
Information Technology in banking refers to the use of computers, internet, mobile apps,
software systems, and digital platforms to provide banking services.
Examples include:
• Internet banking
• Mobile banking apps
• ATMs
• Digital payments (UPI, cards, wallets)
• Online customer support
IT acts like the “brain” of modern banking—it manages data, processes transactions, and
connects customers with services instantly.
2. Implications for Customers
Information Technology has brought major changes in how customers experience banking.
(a) Convenience and Accessibility
Easy2Siksha.com
Customers no longer need to visit the bank for every task. With mobile apps and internet
banking, they can:
• Check balance anytime
• Transfer money instantly
• Pay bills from home
Banking is now available 24/7, even on holidays.
(b) Speed of Transactions
Earlier, sending money could take days. Now, with systems like UPI or NEFT/RTGS:
• Transactions happen in seconds or minutes
• Real-time updates are available
This saves time and increases efficiency.
(c) Better Control and Transparency
Customers can easily track their:
• Transactions
• Account statements
• Loan details
Everything is visible on the screen, which increases trust and reduces confusion.
(d) Personalized Services
Banks use IT to analyze customer data and provide:
• Customized offers
• Loan suggestions
• Investment advice
For example, if you often shop online, your bank may offer cashback deals.
(e) Improved Communication
Easy2Siksha.com
Customers can contact banks through:
• Emails
• Chatbots
• SMS alerts
• Mobile notifications
This ensures quick responses and keeps customers informed.
(f) Financial Inclusion
IT has helped bring banking services to rural and remote areas:
• Mobile banking
• Micro-ATMs
• Aadhaar-based services
Even people without access to physical branches can use banking services.
3. Implications for Service Quality in Banks
Service quality refers to how well a bank meets customer expectations. IT has greatly
improved this.
(a) Faster Service Delivery
Automation reduces manual work:
• Instant account opening
• Quick loan approvals
• Faster transaction processing
Customers don’t have to wait for long.
(b) Accuracy and Reduced Errors
Computer systems:
• Minimize human mistakes
• Maintain accurate records
This improves reliability and trust.
Easy2Siksha.com
(c) Consistency in Service
IT ensures that services are:
• Standardized
• Same across all branches and platforms
Customers get a similar experience everywhere.
(d) Enhanced Customer Support
Banks now provide:
• 24/7 helplines
• AI chatbots
• Online complaint systems
Problems are resolved faster than before.
(e) Data Security and Risk Management
Advanced IT systems help banks:
• Detect fraud
• Protect customer data
• Monitor suspicious activities
This increases customer confidence.
(f) Cost Efficiency
IT reduces operational costs:
• Less paperwork
• Fewer manual processes
• Reduced staff workload
Savings can be passed to customers in the form of better services.
4. Diagram: Role of IT in Banking Services
Easy2Siksha.com
Here’s a simple diagram to understand how IT connects everything:
INFORMATION TECHNOLOGY
│
┌───────────────────┼───────────────────┐
│ │ │
Customer Services Bank Operations Service Quality
│ │ │
┌───────┐ ┌──────────┐ ┌────────────┐
│Mobile │ │Automation│ │Speed │
│Banking│ │Processes │ │Accuracy │
└───────┘ └──────────┘ │Reliability │
│ │ └────────────┘
┌───────┐ ┌──────────┐
│Internet│ │Data Mgmt │
│Banking │ │Systems │
└───────┘ └──────────┘
│
┌────────┐
│Digital │
│Payments│
└────────┘
This diagram shows how IT acts as a central system connecting customers, bank
operations, and service quality.
5. Challenges of IT in Banking (Important for Exams)
While IT has many advantages, there are some challenges too:
• Cybersecurity threats (hacking, fraud)
• Technical issues (server downtime)
• Lack of digital literacy among some users
• Dependence on internet connectivity
Banks must continuously upgrade systems to overcome these problems.
6. Conclusion
Information Technology has completely revolutionized banking by making it faster, easier,
and more customer-friendly. For customers, it provides convenience, speed, and control
over financial activities. For banks, it improves service quality through accuracy, efficiency,
and better customer support.
Easy2Siksha.com
5. What do you mean by Risk Management ? What are crucial components that must be
considered while creang a risk management framework in banks ?
Ans: What is Risk Management?
Imagine a bank as a giant vault where people deposit their savings. The bank lends this
money to businesses, individuals, and governments. But what if borrowers don’t repay? Or
what if interest rates suddenly change? Or what if a cyberattack steals sensitive data?
Risk management is the process by which banks identify, assess, and control these
uncertainties to ensure they remain safe, profitable, and trustworthy.
In simple words: Risk management is like a safety shield that protects banks from
unexpected shocks.
Why is Risk Management Important in Banks?
• Protects Depositors: People trust banks with their money. Risk management ensures
that trust isn’t broken.
• Ensures Stability: Banks are the backbone of the economy. If they fail, the entire
financial system shakes.
• Regulatory Compliance: Central banks (like RBI) require banks to follow strict risk
guidelines.
• Profitability: Managing risks helps banks avoid losses and maintain steady profits.
Crucial Components of a Risk Management Framework in Banks
A risk management framework is like a toolkit. Let’s break down the essential components:
1. Risk Identification
• Banks must first identify all possible risks:
o Credit Risk: Borrowers may default.
o Market Risk: Changes in interest rates, exchange rates, or stock prices.
o Operational Risk: Failures in processes, fraud, or cyberattacks.
o Liquidity Risk: Bank may not have enough cash to meet withdrawals.
o Compliance Risk: Violating laws or regulations.
Without identifying risks, banks cannot manage them.
2. Risk Assessment and Measurement
• Once risks are identified, banks measure their impact.
• Tools like Value at Risk (VaR), stress testing, and scenario analysis are used.
• Example: If 10% of borrowers default, how much loss will the bank face?
This step is like calculating how strong a storm could be before preparing defenses.
Easy2Siksha.com
3. Risk Mitigation Strategies
• Banks use different strategies to reduce risks:
o Diversifying loans across industries.
o Using collateral to secure loans.
o Hedging against market risks with derivatives.
o Maintaining liquidity reserves.
This is like carrying an umbrella, raincoat, and boots to prepare for bad weather.
4. Risk Monitoring
• Risks are dynamic—they change with time.
• Banks must continuously monitor credit portfolios, market conditions, and
operational processes.
• Regular audits and compliance checks are part of monitoring.
Think of this as checking the weather forecast every day.
5. Governance and Reporting
• A strong framework requires clear governance:
o Risk committees at board level.
o Chief Risk Officer (CRO) overseeing policies.
o Transparent reporting to regulators and stakeholders.
Governance ensures accountability and discipline.
6. Technology and Data Analytics
• Modern risk management relies heavily on technology:
o AI and machine learning to detect fraud.
o Big data analytics to predict defaults.
o Cybersecurity systems to prevent hacking.
Technology acts like radar, spotting risks before they strike.
7. Regulatory Compliance
• Banks must follow guidelines from regulators (like RBI, Basel norms).
• Basel III framework emphasizes capital adequacy, stress testing, and liquidity
standards.
Compliance is like following traffic rules—it keeps everyone safe.
Diagram to Visualize Risk Management Framework
Easy2Siksha.com
+-------------------------+
| Risk Management in Banks |
+-------------------------+
|
-----------------------------------------
| | | | |
Identification Assessment Mitigation Monitoring Governance
(Find risks) (Measure) (Reduce) (Track) (Report)
Real-Life Example
During the 2008 global financial crisis, many banks collapsed because they underestimated
credit risk (subprime loans). Those with strong risk management frameworks survived
better.
In India, RBI requires banks to maintain Capital Adequacy Ratios and conduct stress tests to
ensure they can withstand shocks. This shows how risk management is not just theory—it’s
survival.
Conclusion
Risk management in banks is about anticipating the unexpected. A strong framework
includes:
• Identifying risks,
• Measuring their impact,
• Mitigating them,
• Monitoring continuously,
• Ensuring governance,
• Using technology, and
• Following regulations.
In short: Risk management is the safety net of banking, ensuring that banks remain
stable, customers remain protected, and the economy remains strong.
6. What are the objecves of enterprise risk management? What is the dierence
between risk management and enterprise risk management ?
Ans: Enterprise Risk Management (ERM):
Imagine you are running a business. Every day, you face different kinds of risks:
• Loss of money
• Competition
• Technology failure
Easy2Siksha.com
• Legal issues
• Market changes
If you only deal with risks one by one, you may miss the bigger picture. That’s where
Enterprise Risk Management (ERM) comes in.
ERM is a system that helps an organization identify, analyze, and manage all risks
together, in a coordinated way.
Objectives of Enterprise Risk Management
ERM is not just about avoiding risks—it’s about managing them smartly. Let’s understand its
main objectives in a simple, student-friendly way:
1. To Identify All Possible Risks
The first objective is to find out every risk that could affect the business.
✔ Financial risks (loss, debt)
✔ Operational risks (machine failure, employee issues)
✔ Strategic risks (competition, wrong decisions)
✔ External risks (government rules, economic changes)
ERM ensures nothing is ignored.
2. To Assess and Analyze Risks
Not all risks are equally dangerous.
ERM helps to:
• Measure how serious a risk is
• Understand how likely it is to happen
Example:
A small delay in delivery is less risky than a complete system failure.
3. To Reduce Losses and Uncertainty
Easy2Siksha.com
ERM focuses on minimizing damage.
It helps businesses:
• Prepare in advance
• Create backup plans
• Avoid surprises
Result: More stability and confidence.
4. To Improve Decision Making
When managers understand risks clearly, they can make better decisions.
Example:
Before launching a new product, ERM helps evaluate:
• Market demand
• Cost risks
• Competition
This leads to smarter planning.
5. To Protect Business Value
ERM ensures that the company’s:
• Reputation
• Assets
• Profits
are protected.
It acts like a safety shield for the organization.
6. To Ensure Compliance with Laws
Businesses must follow rules and regulations.
ERM helps:
• Avoid legal penalties
Easy2Siksha.com
• Maintain proper governance
7. To Support Growth and Opportunities
ERM is not only about avoiding risk—it also helps in taking calculated risks.
Example:
Investing in new technology may be risky, but ERM helps decide if it’s worth it.
8. To Create a Risk-Aware Culture
ERM encourages everyone in the organization to:
• Think about risks
• Act responsibly
It builds a culture of awareness and discipline.
Simple Diagram of ERM Process
Here’s an easy flow to understand how ERM works:
Identify Risks
↓
Analyze Risks
↓
Prioritize Risks
↓
Plan Responses
↓
Monitor & Control
↓
Continuous Improvement
This cycle keeps running continuously.
Difference Between Risk Management and Enterprise Risk Management
Now let’s understand the most important part of your question.
Easy2Siksha.com
1. Basic Meaning
Risk Management
Enterprise Risk Management
Manages risks individually
Manages all risks together
Traditional vs modern approach.
2. Scope
Risk Management
ERM
Limited to specific departments
Covers entire organization
Example:
• Risk Management: Finance team handles financial risks only
• ERM: All departments work together
3. Approach
Risk Management
ERM
Reactive (after problem occurs)
Proactive (before problem occurs)
ERM focuses on prevention.
4. Coordination
Risk Management
ERM
Separate handling
Integrated system
ERM connects all risks.
5. Objective
Risk Management
ERM
Reduce losses
Improve overall performance & value
6. Decision Making
Easy2Siksha.com
Risk Management
ERM
Limited impact
Supports strategic decisions
7. View of Risk
Risk Management
ERM
Risk = danger
Risk = danger + opportunity
ERM sees risk as both threat and opportunity.
Simple Comparison Diagram
Traditional Risk Management:
Finance → HR → Operations (Separate)
Enterprise Risk Management:
ERM System
/ | \
Finance HR Operations
\ | /
Integrated Decision
Conclusion (In Simple Words)
Enterprise Risk Management is like the brain of an organization that thinks about all risks
together. It helps businesses:
• Stay safe
• Make better decisions
• Grow confidently
The key difference is:
• Risk Management = Handling problems separately
• ERM = Managing all risks together in a smart and connected way
7. What is the scope of computer audit and also discuss its tools.
Ans: What is Computer Audit?
Easy2Siksha.com
Think of a computer audit as a health check-up for information systems. Just like doctors
examine your body to ensure everything is functioning properly, auditors examine computer
systems to ensure data is secure, accurate, and reliable.
In simple words: A computer audit is the process of reviewing and evaluating an
organization’s IT systems, applications, and operations to ensure they are safe, efficient, and
compliant with laws and policies.
Scope of Computer Audit
The scope of computer audit is wide because computers are everywhere—in banking,
healthcare, education, government, and business. Let’s break it down:
1. System Security
• Checking firewalls, antivirus, and intrusion detection systems.
• Ensuring unauthorized users cannot access sensitive data.
2. Data Integrity
• Verifying that data is accurate, complete, and consistent.
• Detecting errors or manipulation in databases.
3. Application Controls
• Reviewing software applications used for accounting, payroll, or banking.
• Ensuring they process transactions correctly and securely.
4. Network Controls
• Examining communication channels like LAN, WAN, and internet connections.
• Ensuring secure transmission of data.
5. Operational Efficiency
• Checking whether IT resources are being used effectively.
• Identifying bottlenecks or wastage in computing processes.
6. Compliance
• Ensuring systems follow legal requirements (like data protection laws).
• Checking adherence to organizational policies.
7. Disaster Recovery and Backup
• Reviewing backup systems and disaster recovery plans.
• Ensuring data can be restored in case of system failure.
Easy2Siksha.com
In short: The scope covers everything from hardware and software to networks, data,
and compliance.
Tools of Computer Audit
Auditors use specialized tools to perform computer audits. These tools are like the
stethoscope, X-ray, and blood tests in a medical check-up.
1. Generalized Audit Software (GAS)
• Examples: ACL, IDEA.
• Used to analyze large volumes of data.
• Helps in detecting fraud, errors, or unusual patterns.
2. Test Data
• Auditors input fake transactions into the system to see how it processes them.
• Helps in checking whether controls are working correctly.
3. Parallel Simulation
• Auditors run their own program parallel to the client’s system.
• They compare results to check accuracy.
4. Integrated Test Facility (ITF)
• A dummy department or account is created within the system.
• Test transactions are processed to evaluate system performance.
5. Continuous Audit Software
• Monitors transactions in real-time.
• Useful in banks where millions of transactions occur daily.
6. Embedded Audit Modules
• Special audit routines built into applications.
• They automatically flag suspicious activities.
7. Network Security Tools
• Tools like Wireshark or Nessus check vulnerabilities in networks.
• They detect hacking attempts or weak points.
8. Data Mining Tools
• Used to identify hidden patterns in data.
• Helps in fraud detection and performance analysis.
Easy2Siksha.com
Diagram to Visualize
+-------------------------+
| Computer Audit |
+-------------------------+
|
-----------------------------------------
| | |
Scope Tools Outcome
Security, Data, GAS, Test Data, Safe, Reliable,
Networks, Backup ITF, Simulation, Efficient Systems
Audit Modules
Real-Life Example
Imagine a bank. Millions of transactions happen daily.
• Scope: Auditors check whether transactions are recorded correctly, whether
customer data is secure, and whether backup systems are in place.
• Tools: They use GAS to analyze transaction logs, ITF to test dummy accounts, and
network tools to check for hacking attempts.
• Outcome: The bank ensures customer trust, regulatory compliance, and smooth
operations.
Conclusion
• Computer Audit is the systematic review of IT systems to ensure security, accuracy,
and compliance.
• Its scope includes system security, data integrity, application controls, network
controls, efficiency, compliance, and disaster recovery.
• Its tools include audit software, test data, simulations, ITF, continuous monitoring,
embedded modules, and security tools.
In short: Computer audit is the guardian of digital trust. It ensures that organizations
can rely on their IT systems to be secure, efficient, and compliant.
8. What are the key elements in the framework for Asset Liability Management?
Ans: Asset Liability Management (ALM) may sound like a complicated financial term, but
once you understand the idea behind it, it becomes quite logical and interesting. Imagine a
bank or a company like a person managing their income and expenses. If your income
comes late but your expenses are immediate, you might face problems. Similarly,
organizations need to carefully manage their assets (what they own or earn) and liabilities
(what they owe) to stay financially healthy.
Easy2Siksha.com
The ALM framework is a structured approach that helps institutions manage risks arising
from mismatches between assets and liabilities. Let’s explore its key elements in a simple
and engaging way.
1. Asset and Liability Structure
The first and most basic element of ALM is understanding what assets and liabilities the
organization has.
• Assets: Loans given, investments, cash reserves
• Liabilities: Deposits, borrowings, obligations
The goal is to ensure that assets generate enough returns to cover liabilities. For example, if
a bank gives long-term loans but has short-term deposits, it may struggle to pay depositors
on time.
This mismatch is called a maturity gap, and managing it is the heart of ALM.
2. Maturity Matching (Gap Analysis)
This element focuses on timing—when money comes in and when it goes out.
• If assets mature later than liabilities → liquidity problem
• If assets mature earlier → idle funds
Banks use gap analysis to compare time periods of assets and liabilities (like 1 month, 3
months, 1 year).
Simple idea:
“Make sure the money coming in matches the money going out at the right time.”
3. Liquidity Management
Liquidity means having enough cash to meet short-term obligations.
• Customers may withdraw deposits anytime
• Businesses may need urgent funds
So, institutions must maintain a balance between profitability and liquidity.
Easy2Siksha.com
Too much liquidity → low profits
Too little liquidity → financial risk
ALM ensures that there is always enough cash without harming earnings.
4. Interest Rate Risk Management
Interest rates in the market keep changing, and this affects both assets and liabilities.
• Loans (assets) may have fixed interest
• Deposits (liabilities) may have variable interest
If interest rates rise or fall, it can impact profits.
Example:
If a bank gives loans at fixed rates but pays higher interest on deposits, it may lose money.
ALM helps manage this by balancing fixed and variable rate instruments.
5. Currency Risk Management
For organizations dealing internationally, foreign exchange risk is important.
• Assets in one currency
• Liabilities in another
If exchange rates change, losses may occur.
Example:
A company earns in dollars but pays in rupees → fluctuations affect profits.
ALM includes strategies to reduce this risk using hedging and diversification.
6. Risk Management Framework
ALM is not just about matching assets and liabilities—it is about managing different types of
risks:
• Liquidity risk
• Interest rate risk
• Credit risk
Easy2Siksha.com
• Market risk
Institutions set limits, policies, and guidelines to control these risks.
This ensures stability even during uncertain economic conditions.
7. ALM Committee (ALCO)
Every organization needs a decision-making body to manage ALM activities. This is called
the ALCO (Asset Liability Committee).
• Reviews financial position
• Monitors risks
• Makes strategic decisions
Think of ALCO as the “brain” behind financial balance.
8. Policies and Procedures
A strong ALM framework includes clear rules:
• Risk tolerance limits
• Investment policies
• Funding strategies
These policies guide how assets and liabilities should be managed.
Without proper rules, financial management becomes chaotic.
9. Monitoring and Reporting
Regular monitoring is essential.
• Daily, weekly, monthly reports
• Risk measurement tools
• Performance tracking
This helps detect problems early and take corrective action.
Easy2Siksha.com
Easy Way to Remember (Simple Flow)
You can understand ALM as a cycle:
Identify → Measure → Manage → Monitor → Control
Simple Diagram (Conceptual Flow)
Assets (Loans, Investments)
↓
Income Generation
↓
Match Timing & Interest Rates
↓
Liabilities (Deposits, Loans)
↓
Risk Management (ALM)
↓
Stability & Profitability
Conclusion
The framework of Asset Liability Management is like maintaining balance in everyday life.
Just as you plan your income and expenses carefully to avoid problems, financial institutions
use ALM to ensure they remain stable, profitable, and secure.
The key elements—such as asset-liability structure, liquidity management, interest rate
control, risk management, and monitoring—work together like parts of a machine. If one
part fails, the whole system can be affected.
“This paper has been carefully prepared for educaonal purposes. If you noce any
mistakes or have suggesons, feel free to share your feedback.”
