Skip to content
BOL Conferences
Thread Options
#588841 - 07/26/06 05:57 PM IT Risk Management Assessment
Ginlyn, CRCM Offline
Gold Star
Ginlyn, CRCM
Joined: Nov 2003
Posts: 300
Oklahoma
Our bank is in the middle of an IT exam (FRB) and the examiner has advised our network administrator that we were suppose to have an IT Risk Management Assessment done by July 1, 2006. Earlier this year, I prepared a BSA/AML/OFAC Risk Assessment for the bank, but I am not aware of a requirement for an IT Risk Assessment, especially with a deadline attached to it. Does anyone have any information about this?

Return to Top
eBanking / Technology
#588842 - 07/26/06 07:08 PM Re: IT Risk Management Assessment
P*Q Offline

Power Poster
P*Q
Joined: May 2001
Posts: 8,458
Somewhere
We too were informed by our external auditors that we must have an IT risk assessment (information assets, software), all related to CIS. We were not given a specific cite or deadline but we're currently working on it.

Return to Top
#588843 - 07/26/06 07:26 PM Re: IT Risk Management Assessment
Nanwa Offline
Power Poster
Nanwa
Joined: Oct 2001
Posts: 5,564
Clintonville, WI, USA
When we did our information security risk assessment, we included our in house computer system, Internet banking and phone banking in it. I am hoping that this is enough. No complaints from examiners at our last exam which was last year.
_________________________
Member of the National Sarcasm Society - like we need your support!

Return to Top
#588844 - 07/26/06 09:35 PM Re: IT Risk Management Assessment
sheilaf Offline
New Poster
Joined: Jul 2006
Posts: 2
Would anyone have a sample report for risk assessment as we are in need of one to provide to our examiners.

Thank you.

Return to Top
#588845 - 07/27/06 12:35 PM Re: IT Risk Management Assessment
P*Q Offline

Power Poster
P*Q
Joined: May 2001
Posts: 8,458
Somewhere
Click here for sample on BOL tools.

Return to Top
#588846 - 07/28/06 04:23 PM Re: IT Risk Management Assessment
Queen Mum Offline
Power Poster
Queen Mum
Joined: Mar 2001
Posts: 3,920
OK
We had done a complete IT Risk Assessment, but now they are telling us that we need a separate one just for the Dual Authentication for Internet Banking. If anyone has done one, we would love to see your format if you are willing to share.

Return to Top

Moderator:  Andy_Z