IT Audit

Designed to help financial institutions comply with the FFIEC Information Technology Examination Procedures, our IT Audit consists of a comprehensive review of the design, implementation, and effectiveness of the controls used to mitigate the IT risks faced by your institution. The IT Audit provides practical, real-world recommendations tailored to fix any gaps in your control structure. Based on the specific needs of your institution, this service can be performed onsite at your facility or remotely.

The following areas are evaluated within our typical scope:

  • Information Security
  • Cybersecurity
  • Information Systems Strategy
  • Vendor Management
  • Personnel Management
  • Previous Examinations
  • Policy and Procedure
  • Physical Security
  • Environmental Controls
  • Media Management
  • Business Continuity / Disaster Recovery
  • Intrusion Response
  • Core Processing Application
  • Branch Capture
  • Wire Transfer System
  • Network Infrastructure
  • Operating System
  • Virtualization
  • Malicious Code
  • Patch Management
  • Release Management
  • Capacity / Performance Management
  • Remote Access
  • Mobile Computing
  • Voice Over Internet Protocol
  • ATM / Debit Cards
  • Internet / Mobile Banking
  • Telephone Banking
  • Merchant Remote Deposit Capture
  • Online Account Opening
  • Website Review
  • Other Applications