Information Technology Risk Examination (INTREx) – Be Prepared for Your 2024 FDIC Examination
The FDIC released the updated INTREx procedures September 29, 2023. The INTREx Program was initially adopted by the FDIC and CSBS IT examiners in 2016. The INTREx program definitely has its roots in GLBA and cyber security, the FFIEC IT Examination Handbooks, and draws from the CAT Declarative Statements.
While the program is the examiners work program, it provides insight for financial institutions into the examination procedures that will be used by the examiners during the IT examination. The updated procedures are stated to have more specificity for the examiner’s review of service provider reports of examination and the Audit module’s usability in addition to specifying compliance steps relative to the Computer Security Incident Notification Rule (Part 304, Subpart C effective April 1, 2022. The program also includes updated links to references used in the development of the procedures.
What You’ll Learn
- Overview of the Examination Process
- Information Technology Profile
- Component Control framework: Audit, Management, Development and Acquisition, and Support and Delivery
- Decision Factors
- Cyber Security
- GLBA Coverage
- Applicable guidance
- Common examination recommendations
Who Should Attend
Internal Auditors, Compliance Officers, IT Managers, Risk Managers, Information Security Officers, Senior Management; anyone interested in the IT examination process.
Presenter Bio
Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.
As an auditor and consultant, Orr is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices. Her expertise as an auditor and former examiner provides her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and assist de novo institutions in the vendor selection process, preparing policies and procedures, and instituting controls. She also consults for numerous security providers and vendors helping them align products and services to meet institution regulatory mandates. Orr is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified Risk Professional (CRP).
Registration Options
Live Access, 30 Days OnDemand Playback, Presenter Materials and Handouts $279
- Available Upgrades:
- 12 Months OnDemand Playback + $110
- 12 Months OnDemand Playback + CD + $140
- Additional Live Access + $85 per person