IT Examiner School, Providence, RI

Report of Examination

 IT Assessment Page (now a mandatory page) • Component IT ratings • Assessment of each component • Supporting comments for cybersecurity preparedness • Supporting comments for compliance with GLBA Information Security Standards • Detailed exam findings, including recommendations • Management’s response, including name and title, as well as timeframe for correction

FEDERAL DEPOSIT INSURANCE CORPORATION

Report of Examination

 Confidential IT Comment • Discussion of exam scope changes, if applicable • Participation by other regulatory agencies, if applicable • Listing of serviced institutions, if applicable

• No longer need to document in the confidential section the discussion with management regarding use of the FFIEC Cybersecurity Assessment Tool since the use of any cybersecurity tools or frameworks will be discussed on the IT Assessment Page • Additionally, follow RMS Manual of Examination Policies and any regional guidance

FEDERAL DEPOSIT INSURANCE CORPORATION