IT Examiner School, Seaside, CA
IT Audit Risk Assessment and Scope
• Identifies the items/areas to be reviewed - consistent with risk assessment including risk level • Describes how the audit/review will be performed and tools to be used • Provides the timeframe for completing the audit/review
Firms may also provide an engagement letter specifying this information (including costs)
IT Audit Coverage
• IT General Controls • Information Security Program • Wire Transfers • ACH (controls and NACHA Compliance Audit) • Remote Deposit Capture
• Compliance with safeguarding customer information guidelines • Regulation GG/Unlawful Internet Gambling Enforcement Act * • Identity Theft Red Flags Program* • Penetration Testing and Vulnerability Assessment
*If applicable to the financial institution.
Made with FlippingBook - Online catalogs