IT Examiner School - Oct 2023
Internal Use Only
Examination Approach Examples: Depository Institutions
Type of Entity
IT Exam Approaches/Rating Systems
Information Technology Risk Examination (InTREx) ; UFIRS/CAMELS, FFIEC Uniform Rating System for IT (URSIT); CAMEL, where “M” includes a review of information systems
Banks
Credit Unions
Trust Companies
FFIEC Uniform Interagency Trust Rating System (UITRS)
Foreign Banking Organizations & Bank Holding Companies
FRB, States; ROCA Rating System – where “O” is operational controls
17
Internal Use Only
Examination Approach Examples: Non-Depository Institutions
Type of Entity
IT Exam Approaches/Rating Systems
Mortgage Originators and Servicers
FFIEC Uniform Interagency Consumer Compliance Rating System (CC Rating System)
CSBS Non-Bank Cybersecurity Exam Program ; MTRA Workprogram (multi-state exams); FILMS rating system
Money Service Businesses / Money Transmitters
18
Made with FlippingBook - professional solution for displaying marketing and sales documents online