IT Examiner School, Providence, RI

M.3. The adequacy of, and conformance with, internal policies and controls addressing IT operations and risks significant business activities. Refer to Core Analysis Procedure #5. Click here to enter comment Strong ☐ Satisfactory ☐ Less than satisfactory ☐ Deficient ☐ Critically deficient ☒

M.4. The level of awareness of and compliance with laws and regulations. Refer to Core Analysis Procedures 11. Click here to enter comment Strong ☐ Satisfactory ☐ Less than satisfactory ☐ Deficient ☐ Critically deficient ☐ M.5. The level of planning for management succession. Refer to Core Analysis Procedure #12 .

Click here to enter comment Strong ☐

Satisfactory ☐

Less than satisfactory ☐

Deficient ☐

Critically deficient ☐

M.6. The adequacy of contracts and management's ability to monitor relationships with third-party servicers. R to Core Analysis Procedure #13 . Click here to enter comment Strong ☐ Satisfactory ☐ Less than satisfactory ☐ Deficient ☐ Critically deficient ☐ M.7. The adequacy of risk assessment processes to identify, measure, monitor, and control risks. Refer to Core Analysis Procedures #14-16 . Click here to enter comment Strong ☐ Satisfactory ☐ Less than satisfactory ☐ Deficient ☐ Critically deficient ☐