Princeton, NJ (BankInfoSecurity.com) November 8, 2006 – The banking regulatory agencies examine banking practices, including Information Technology, at the banking institutions they oversee on a periodic basis. In this workshop, you will hear about the basic tenants behind the Information Technology (IT) examinations conducted by banking regulatory agencies and how the preliminary information gathered is applied – i) in choosing appropriate workprograms and ii) in identifying the necessary examiner IT skill and experience necessary for conducting each exam. Further, this workshop will prepare the attendees in responding to the pre-examination IT Questionnaire in the most appropriate manner.
During the course this workshop, the attendees will gain an understanding of how the regulatory examinations are based on the concepts and guidance provided in these booklets. We will also discuss how the banking rules & regulations, including GLBA Section 501(B), Bank Secrecy Act, Patriot Act and FACTA among others, are taken into account during the Information Technology examinations.
Based on the preliminary information provided by an institution on the technology in use and the applicable practices, and the information available on the previous examinations, bank examiners develop an initial scope for each IT exam. However, examiners have considerable discretion to expand or contract the scope once onsite, and to utilize any agency-specific or FFIEC approved work program targeting specific technologies or functions (wire transfer systems, ACH, etc).
This webinar will be presented by Susan Orr, CISA, CISM, CRP, an ex-FDIC examiner. Susan is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise . During her 14 year tenure as a bank examiner, Susan held numerous lead positions including Regional IT Examination Specialist, Special Assistant to the Regional Director, Special Assistant to the Director of DSC, and Special Assistant to the Vice Chairman of the FDIC. Susan was also a lead instructor for the FDIC’s technology school and was instrumental in key industry initiatives such as the FDIC E-Risk Strategic Initiatives Risk Monitoring Committee, the Chicago Region Interagency Technology Group, and the Federal Financial Institutions Examination Council (FFIEC) IT Handbook rewrites. Susan retains close relationships within the FFIEC agencies as well as industry trade groups to stay abreast on new technologies, best practices, and regulatory issues.
Susan also speaks regularly at risk management and security educational seminars and has authored numerous white papers on emerging information technology and security risk management topics. Susan is a Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM) and Certified Risk Professional (CRP).
For additional information about the BankInfoSecurity.com Preparing for a Regulatory IT Exam webinar, please visit: https://www.bankinfosecurity.com/workshop_itrep.php.