IT Examiner School eBook

Internal Use Only

Guidance for IT Audit FFIEC IT Examination Audit Handbook

Federal Agency Rules and Regulations  Interagency Policy Statement on the Internal Audit Function and its Outsourcing  Interagency Policy Statement on External Auditing Program of Banks and Savings Associations  Interagency Guidelines Establishing Information Security Standards (GLBA) Information Systems Audits and Control Association (ISACA)

Internal Use Only

IT Audit Engagements

Engaged & signed by an individual or committee not responsible for IT operations (This is an indicator of independence.)

Expectations and responsibilities

The scope, timeframes, and cost of work to be performed

Institution access to audit workpapers