CMS Case Study
9. Senior Management oversight.
The Bank’s audit guidelines are based on the use of risk assessment tools and risk factors and reviewed by the Audit Committee. These guidelines are used to grade or assess major risk areas and to define the range of scores or assessments (defined as Low, Medium, or High). It is the responsibility of the Audit Committee and Technology Committee to work together in evaluating the risk in all departments and functions by reviewing risk assessments to determine their reasonableness. It is the responsibility of the Information Security Officer and the Technology Committee to keep the Audit Officer and the Committee up to date on all major changes in departments or functions, such as the introduction of a new product, implementation of a new system, application conversions, or significant changes in organization or staff.
V. MEETINGS
The Audit Committee will meet at least four times annually. Additional meetings may occur more frequently as needed. The committee may invite members of management and may hold private meetings with auditors.
VI. FUNDING
The Company shall provide for appropriate funding of the Audit Committee, as determined by the Audit Committee, for payment of:
• Compensation to any registered public accounting firm engaged for the purpose of preparing or issuing an audit report or performing other audit, review, or attest services for the Company. • Compensation to any advisors employed by the Company as authorized under this Charter. • Ordinary administrative expenses of the Audit Committee that are necessary and appropriate to carry out its duties. • Adequate compensation for the Internal Audit Officer and Internal Audit staff, coverage of sufficient Internal Audit departmental operating expenses, and fees to maintain various professional certifications and association dues, including continuing education requirements.
VII.
RECORD RETENTION
The Institution shall retain any records as may be required to demonstrate compliance with this policy and the flood regulatory requirements.
Reviewed by Board of Directors on 5.27.21
Made with FlippingBook PDF to HTML5