Report on the Description of the National Settlement Depository Controls, Suitability of Controls Design and Operating Effectiveness,
12 October, 2015
34
Objective 9. Controls provide reasonable assurance that information technology processing is authorised and scheduled
appropriately and exceptions are identified and resolved in a timely manner
Ref # Control procedure
Testing performed
Results of tests
9.1
All errors of data transfers losses are monitored, captured and
timely resolved.
For a sample of incidents inspected capturing by monitoring
systems procedure and ensured that all errors of data transfers
losses were resolved.
No exceptions noted
9.2
Continuous antivirus protection is provided with the latest
version of virus signatures database, which are regularly
updated according the schedule.
Observed settings in Symantec Endpoint Protection and
ensured that antivirus protection is performed, virus signatures
database are up to date and are set according the schedule.
No exceptions noted
9.3
The agreements between NSD and contractors on system
purchasing, developing or supporting are signed, authorised
properly by both sides and describe the level of support, timing
of provision of services and other technical details.
For a sample of contractors inspected agreements and ensured
all agreements were present, singed and described the level of
support, timing of provision of services and other technical
details.
No exceptions noted
