IT Examiner School

Common Exam Themes, Findings & Weaknesses

Common Exam Themes, Findings & Weaknesses Lack of a formal risk-based IT Audit and/or independent testing program. Management may not be aware fully of GLBA or 16 CFR Part 314 of the FRC Rules and Regulations. Information Security Program not based on an assessment of unique risks and threats. Policies, procedures, and standards are not sufficiently detailed to guide program activities.