In the first update in over 10 years, the FFIEC just completely rewrote the definitive
…Read the rest of the article
FFIEC Rewrites the Information Security IT Examination Handbook
Read the rest of the article
Read the rest of the article
FFIEC Updates (and Greatly Expands) the Management Handbook
This latest update to the IT Examination Handbook series comes 11 years after the original
…Read the rest of the article
Ask the Guru: The IT Audit “Scope”
Hey Guru
Our examiner is asking about the “scope” of our IT audits. What is
Read the rest of the article
Patch deployment – now or later? (with interactive poll!)
We recently saw an examination finding that recommended that “Critical Patches be deployed within 24
…Read the rest of the article
FFIEC Handbook Update – Outsourcing
The FFIEC has just added a section to the Outsourcing Technology Services IT Examination Handbook,
…Read the rest of the article
“Data-flow diagrams”
This request was seen in a recent State examiners pre-examination questionnaire, and although I usually
…Read the rest of the article
NIST releases new Cloud Computing Guidelines
Although not specific to the financial industry, the new guidelines provide a comprehensive overview of
…Read the rest of the article
The IT Strategic Plan – Why, Who, & How
One of the most common examination findings recently (particularly with the FDIC) has been the
…Read the rest of the article
The Control Self-Assessment (CSA)
If there was a process that was mentioned 43 times in 7 of the 12
…Read the rest of the article
Thankful for…Appendix A?!
When you were a kid, you hated the “pop quiz” right? But if the teacher
…Read the rest of the article