Tag: FDIC Information Technology Officer’s Questionnaire

  • “Concentration of duties”

    It is not unusual for a community financial institution with limited personnel to have the Information Security Officer (ISO) act as a backup network administrator.  In fact, this is a relatively common practice in an environment where key personnel will typically wear several hats.  And there are practical reasons for this; the ISO is typically […]

  • The Pendulum Swings in 2011?

    I’ll be posting my list of audit and examination trends for 2011 soon, but this article by me on a similar topic was just published in Bank Technology News.

  • The IT Steering Committee – Should or Must?

    At a recent user group meeting of one of the major core vendors for community banks, I asked the question ‘how many of you use an IT or Tech Steering Committee?’.  I was expecting a vast majority of hands to go up, but only about half did.  This was surprising to me, given that: The […]

  • The 5 trickiest FDIC IT examination questions (part 5).

    In my last post, I asked you to weigh in on what question you wanted me to address in this final post of the series.  This one came from a bank that was in the process of actually filling out the questionnaire, and it’s a good one.  It’s found in the Vendor Management section: “Has […]

  • The 5 trickiest FDIC IT examination questions (part 4).

    Last time in Part 3 we discussed (at some length) the FDIC IT Exam question “Are project management techniques and system development life cycle processes used to guide efforts at acquiring and implementing technology (Y/N)?”.  This time, we address a question from the Part 3 – Audit/Independent Review Program section titled: “Are the results of […]

  • The 5 trickiest FDIC IT examination questions (part 3).

    Last time in Part 2 we tackled “Does the bank’s strategic planning process incorporate information security (Y/N)?” from the FDIC IT Examination…