IT Examiner School eBook May 2025

M.5.

The level of planning for management succession.

▼ Procedure #12

Click here to enter comment Strong ☐

Satisfactory ☐

Less than satisfactory ☐

Deficient ☐

Critically deficient ☐

M.6. The adequacy of contracts and management's ability to monitor relationships with third-party servicers. ▼ Procedure #13 Click here to enter comment Strong ☐ Satisfactory ☐ Less than satisfactory ☐ Deficient ☐ Critically deficient ☐ M.7. The adequacy of risk assessment processes to identify, measure, monitor, and control risks.

▼ Procedures #14-16

Click here to enter comment Strong ☐

Satisfactory ☐

Less than satisfactory ☐

Deficient ☐

Critically deficient ☐

M.8. If applicable, include a summary comment below for any additional risk factors reviewed or examination procedures performed that may not be directly referenced in the Decision Factors above. (These risk factors and procedures could include, but are not limited to, Supplemental Workprograms, FFIEC workprograms, agency-specific workprograms, and/or new guidance not addressed in the modules.) Click here to enter comment Strong ☐ Satisfactory ☐ Less than satisfactory ☐ Deficient ☐ Critically deficient ☐

Summary Comment - Management

Click here to enter comment.

URSIT Management Rating: Click to choose a rating

Page: 11

InTREx – Management IT Risk Examination Modules - July 2016