IT Examination Review – FDIC & CSBS INTREx

The actual INTREx — Information Technology Risk Examination Program adopted by the FDIC and CSBS IT examiners hasn’t changed since it was rolled out in 2016; however, there have been some changes in the examiners focus when it comes to the IT examination. The Federal Reserve examiners are also using their own “INTREx” related examination work program.

The INTREx program definitely has its roots in GLBA and cyber security, the FFIEC IT Examination Handbooks and draws from the current CAT Declarative Statements. In addition, to going over the INTREx work program, we will be sharing some specific areas of focus you need to be aware of as you prepare for your 2021 examination; including some newer guidance and proposed guidance that has been issued since the INTREx release.

In this webinar we will do an overview of the INTREx work program including the IT Officer’s Questionnaire and changes to the rating system used. We will also highlight the INTREx program steps and sharing the potential “2021” exam focus areas to help you be better prepared for your examination.

What You’ll Learn

  • Overview of Examination Process
  • Technology Profile
  • Component Control framework – Audit, Management, Development and Acquisition, and Support and Delivery
  • Decision Factors
  • Cyber Security
  • GLBA Coverage
  • Areas of increasing focus for 2021
  • Report changes including URSIT

Who should attend
Internal Auditors, Compliance Officers, IT Managers, Risk Managers, Information Security Officers, Senior Management; anyone interested in the IT examination process.

Presenter Bio
Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.

As an auditor and consultant, Orr is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices. Her expertise as an auditor and former examiner provides her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and assist de novo institutions in the vendor selection process, preparing policies and procedures, and instituting controls. She also consults for numerous security providers and vendors helping them align products and services to meet institution regulatory mandates. Orr is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified Risk Professional (CRP).

Registration Options

Live Access, 30 Days OnDemand Playback, Presenter Materials and Handouts $279

  • Available Upgrades:
    • 12 Months OnDemand Playback + $110
    • 12 Months OnDemand Playback + CD + $140
    • Additional Live Access + $75 per person


Sep 01 2022


10:00 am - 12:00 pm



More Info