The FDIC recently updated its information technology and
operations risk (IT) examination procedures to include an
integrated assessment of an institution's cybersecurity
preparedness. The procedures, which are contained in the
Information Technology Risk Examination (InTREx) Program, allow for
an enhanced, risk-based approach for conducting IT examinations.
The Cybersecurity principles and standards contained within the
updated program are not stand-alone, independent principles and
standards. Rather, they are part of the overall information
security and technology oversight function, with each of the InTREx
modules containing embedded cybersecurity examination
To help in the planning of the IT examination, institutions are
required to complete an Information Technology profile (ITP) prior
to the examination. The ITP replaces the former IT Officer's
Questionnaire, and has been developed to ensure that appropriate
resources are allocated to the IT examination and contains
questions relating to:
Development and Programming
Software and Services
The ultimate goal of the updated program is to ensure that
financial institution management is able to identify and address IT
and cybersecurity risks in a timely and appropriate manner. As
such, the program allows for more detailed examination results with
Uniform Rating System for Information Technology (URSIT) component
and composite ratings included within the examination report.
Additional details of the InTREx Program can be found here.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
A federal district court in California handed the Consumer Financial Protection Bureau (CFPB) a big win on Wednesday, August 31, 2016, granting the agency summary judgment on liability in its lawsuit against CashCall, Inc., its affiliated entities and its owner.
FinCEN notified U.S. financial institutions that the Financial Action Task Force updated the list of jurisdictions with strategic anti-money laundering ("AML")/countering the financing of terrorism deficiencies.
Recent years have been marked by low interest rates and a highly liquid loan market, creating a very favorable environment for leveraged loans used to fund mergers and acquisitions, sometimes in conjunction with large one-time dividend payouts.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).