Para 3.22.68 — MSO (Audit)

MSO (Audit)mso-audit

3.22.68 Output files should be protected to reduce the risk of unauthorised amendment. Possible motivations for amending computer output include covering up unauthorised processing or manipulating undesirable financial results. Unprotected output files within a bill paying system could be exploited by altering the cheque or pay order amounts and payee details. A combination of physical and logical controls may be used to protect the integrity of the computer output.

What This Means

Output files must be protected from unauthorised amendment to prevent tampering. People might alter computer output to cover up unauthorised processing or to manipulate financial results. For example, unprotected output files in a bill-paying system could be exploited by changing cheque amounts or payee details. A combination of physical controls (like locked storage) and logical controls (like access restrictions and encryption) should be used to protect output integrity.

This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.

Key Points

1Output files must be protected from unauthorised amendment
2Motivations for tampering include covering up fraud and manipulating financial results
3Bill-paying system outputs are especially vulnerable to cheque amount and payee manipulation
4Both physical controls (locked storage) and logical controls (access restrictions) are needed
5Protecting output integrity is as important as protecting input and processing

Practical Example

A government department's bill-paying system generates output files containing cheque details — payee name, amount, and bank details. Without protection, a corrupt employee could alter the output file to change a Rs. 50,000 payment to Rs. 5,00,000 or redirect it to a different payee. To prevent this, the system stores output files in a restricted directory accessible only to the accounts officer, applies file-level permissions that prevent modification, and generates a hash value for each output file that is verified before cheques are printed. Physical cheque stock is kept in a locked cabinet with dual-key access.

This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.

Frequently Asked Questions

How can output files be tampered with?▼

If output files are stored in unprotected locations, anyone with system access could open them using standard tools and change amounts, payee details, account numbers, or other critical data. The altered output would then produce fraudulent cheques or misleading reports.

What logical controls can protect output files?▼

Logical controls include file-level access permissions restricting who can read or modify files, encryption of output files, digital signatures or hash values to detect any changes, and audit logging of all access to output files.

This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.

Para 3.22.68 — MSO (Audit)

Original Rule Text

What This Means

Key Points

Practical Example

Frequently Asked Questions

Related Rules