IT Examiner School, Seaside, CA

Conclusion

• Learned the basics for IT Audit and reviews • Minimum scope in risk focused examination process- must review the entity’s audit program • If audit program is deficient or lacking – Don’t need to dig deeper – Describe the deficiencies and record them in your WP – Notify the Safety & Soundness EIC • If audit program is satisfactory – Can risk focus areas recently audited