First the Regulators rolled out the Cyber Assessment Tool (CAT), then one year later the FDIC released its new Information Technology Risk Examination Program - or InTREx for short. The examination work program incorporates many of the work steps and review areas from the FFIEC IT Examination Handbook, while drawing from the CAT declarative statements and adopting a focus on cybersecurity.
Along with the new work program is a new Information Technology Profile to replace the former IT Officer’ Questionnaire, and a resurrection of the original Uniform Rating System for Information Technology (URSIT), which includes a rating for each of the four examination components and an overall composite rating.
Not only is the FDIC changing things up, the Federal Reserve is also using a form of INTREx as well as many of the Conference of State Banking Supervisors (CSBS).
- Overview of Examination Process
- Technology Profile
- Component Control framework - Audit, Management, Development and Acquisition, and Support and Delivery
- Decision Factors
- Cyber Security
- GLBA Coverage
- Report changes including URSIT
Who Should Attend?
Internal Auditors, Compliance Officers, IT Managers, Risk Managers, Senior Management.
Please note: This site employs features that may cause unexpected behavior in older versions of Internet Explorer. If you experience a problem, try refreshing your screen. If this doesn't solve the problem, click on this link.
You may contact us by using the Online Chat button below.