IT Examiner School - Oct 2023

Internal Use Only

Management Module Conclusions (continued)

The IT Examination Program is a management-focused approach:

• Do not focus solely on technical issues
• Assess management’s actions in relation to the technical issues
• Assess how well management is carrying out its responsibilities regarding planning, directing, organizing & controlling the risks related to IT


Regulatory Guidance - Management

• FFIEC IT Handbook: Management
• FFIEC IT Handbook: Outsourcing Technology Services

• Interagency Guidelines Establishing Standards for Safety & Soundness
• Interagency Guidelines Establishing Information Security Standards
• Interagency Guidelines on Identity Theft Detection, Prevention & Mitigation
• FDIC FIL-44-2008: Guidance on Managing Third-Party Risk
• FRB SR 13-19 / CA 13-21: Guidance on Managing Outsourcing Risk
