First the Regulators rolled out the Cyber Assessment Tool (CAT), then one year later the FDIC released its new Information Technology Risk Examination Program - or InTREx for short. The examination work program incorporates many of the work steps and review areas from the FFIEC IT Examination Handbook, while incorporating a focus on cyber security and drawing from the CAT declarative statements.
Along with the new work program is a new Information Technology Profile to replace the former IT Officer’ Questionnaire, and a resurrection of the original Uniform Rating System for Information Technology (URSIT), which includes a rating for each of the four examination components and an overall composite rating.
Not only is the FDIC changing things up, the Federal Reserve is also using a form of INTREx as well as many of the Conference of State Banking Supervisors (CSBS).
- Overview of Examination Process
- Technology Profile
- Component Control framework - Audit, Management, Development and Acquisition, and Support and Delivery
- Decision Factors
- Cyber Security
- GLBA Coverage
- Report changes including URSIT
Who Should Attend?
Internal Auditors, Compliance Officers, IT Managers, Risk Managers, Senior Management
Please note: This site employs features that may cause unexpected behavior in older versions of Internet Explorer. If you experience a problem, try refreshing your screen. If this doesn't solve the problem, click on this link.
You may contact us by using the Online Chat button below.