Electronic fraud: Banks focus on COBiT certification

Having completed the certification of Payment Card Industry Data Security Standards (PCI DSS) version 3.1, the latest security measure aimed at waging off hackers from networks, money deposit banks are now focusing on implementation Control Objectives for Information and Technology (COBIT ).

According to Ahmed Adesanya, IT Security and Connectivity consultant, Cobit 5 is a business framework for the governance and management of enterprise IT. Cobit 5 provide global acceptable principle, practice, analytical tools and models to help increase trust in, and value from information system.

Cobit 5 builds and expands on Cobit 4.1 by integrating other frameworks, standards, and resources, including ISACA Val IT and risk IT, Information Technology Infrastructure Library (ITIL) and related standards from International Organization for Standardization (ISO).

Nigeria CommunicationsWeek investigations revealed that aside three banks that have completed the implementation of COBiT before Central Bank of Nigeria commissioned report on IT Standard in banks conducted by Accenture, no other bank have completed it as most of them are on the implementation process.

It was further gathered that the delay in the implementation of COBiT by banks was necessitated by CBN directive with deadline on PCIDSS which made them focused on the certification of PCIDSS before COBiT.

According to Osita Nwanu, Head, Systems Control & Business Continuity Management, First City Monument Bank, on the need for IT Standard to prevent e-fraud,” the sustained growth of e-transactions as depicted by the increased transaction volume and value in 2015, coupled with the rapidly evolving nature of technology advancements within the e-channel ecosystem continues to attract cybercriminals who continuously develop new schemes to perpetrate e-fraud”.