IT Examiner School eBook May 2025

Other

13. Have there been any significant changes in technology or services since the previous examination, or are any changes expected in the next 6 months? Check all that apply.  No change  Core system  Significant network  Significant application  Key IT management or personnel  Other new technology or services (e.g. artificial intelligence, blockchain, P2P payments) Click here to enter comment

Institution Name: Click here to enter institution name Cert# Click here to enter cert number

Information Technology Risk Examination

Preparer: Click here to enter preparer name Start Date: Click here to select a start date

Audit

Core Analysis Decision Factors

Note: refer to the FFIEC IT Examination Handbook - Audit if additional analysis is necessary to complete this module. Decision Factors - Audit A.1. The level of independence maintained by audit and the quality of the oversight and support provided by the Board of Directors and management. Procedures #1-3 ▼ Click here to enter comment Strong ☐ Satisfactory ☐ Less than satisfactory ☐ Deficient ☐ Critically deficient ☐ A.2. The adequacy of IT coverage in the overall audit plan and the adequacy of the underlying risk analysis methodology used to formulate that plan. Procedures #4-5 ▼ Critically deficient ☐ A.3. The scope, frequency, accuracy, and timeliness of internal and external audit reports and the effectiveness of audit activities in assessing and testing IT controls. Procedures #6-8 ▼ Strong ☐ Satisfactory ☐ Less than satisfactory ☐ Deficient ☐

Strong ☒ Critically deficient ☐ A.4. The qualifications of the auditor, staff succession, and continued development through training. Satisfactory ☐ Less than satisfactory ☐ Deficient ☐

Procedure #9 ▼