IT Audit

Designed to help financial institutions comply with the FFIEC Information Technology Examination Procedures, our IT Audit consists of a comprehensive review of the design, implementation, and effectiveness of the controls used to mitigate the IT risks faced by your institution. The IT Audit provides practical, real-world recommendations tailored to fix any gaps in your control structure. Based on the specific needs of your institution, this service can be performed onsite at your facility or remotely.

The following areas are evaluated within our typical scope:

  • Previous Examinations
  • Information Systems Strategy
  • Policy and Procedure
  • Personnel Management
  • Vendor Management
  • Information Security
  • Cybersecurity
  • Physical Security
  • Environmental Controls
  • Network Infrastructure
  • Operating System
  • Core Application
  • Release Management
  • Capacity / Performance Management
  • Malicious Code
  • Patch Management
  • Intrusion Response
  • Business Continuity / Disaster Recovery
  • Media Management
  • Remote Access
  • Mobile Computing
  • Electronic Banking
  • Wire Transfer System
  • Other Applications
  • Voice-Over Internet Protocol