IT Examiner School, Seaside, CA

Operational Controls and Processes • Monitoring tools - detect and preempt system problems or capacity issues • Daily processing issue resolution and appropriate escalation procedures • Secure handling, distribution, and disposal of equipment, media, and output (electronic and physical) • Independent review of master file input and file maintenance changes (e.g., new loan and deposit accounts, address changes, due dates) • Independent review of global parameter changes (e.g., interest rate for loans and deposits, fee structure, service charges)

Patch Management • Policies/procedures – Current and updated • Responsible party – Management /committee • Tests patches prior to implementation • Review vendor-supplied patches • Validation of system security configuration