Thread Options
#1517160 - 03/03/11 05:45 PM FDICIA Audit
Auditor1 Offline
New Poster
Joined: Aug 2006
Posts: 6
I am planning for 2012 when the bank will be subject to the FDICIA rules for a 1 billion dollar bank. I was wondering how other banks are compling with the FDICIA internal control audits. Do you outsource the audits, do you do them internally, are you using any software to help.

I appriciate any input.

Return to Top
Audit
#1517173 - 03/03/11 05:54 PM Re: FDICIA Audit Auditor1
rlcarey Offline
10K Club
rlcarey
Joined: Jul 2001
Posts: 77,215
Galveston, TX
I would recommend that you get with your external auditors and see what their recommendations would be, as they are going to have to sign off on all the procedures and testing, regardless of who performs them.
_________________________
The opinions expressed here should not be construed to be those of my employer: PPDocs.com

Return to Top
#1517186 - 03/03/11 06:03 PM Re: FDICIA Audit rlcarey
Auditor1 Offline
New Poster
Joined: Aug 2006
Posts: 6
That is in my plan. I am leaning towards doing a a split plan. Having some of the more technical audits completed by a third party and some of the every day controls tested in house. I have traditionaly used word and excell to document my controls and testing but wanted to see what others are doing.

Return to Top
#1517505 - 03/04/11 02:44 AM Re: FDICIA Audit Auditor1
Kathleen O. Blanchard Offline

10K Club
Kathleen O. Blanchard
Joined: Dec 2000
Posts: 21,277
Use of Word, Excel and Access is very common for documenting internal controls, even at some large firms. Definitely develop the plan with the external auditors so that you meet their expectations for documentation, what needs to be tested, what are acceptable manual processes and controls if systemic controls are not in place or will take time, etc.
_________________________
Kathleen O. Blanchard, CRCM "Kaybee"
HMDA/CRA Training/Consulting/Mapping
The HMDA Academy
www.kaybeescomplianceinsights.com

Return to Top
#1517518 - 03/04/11 11:52 AM Re: FDICIA Audit Kathleen O. Blanchard
rlcarey Offline
10K Club
rlcarey
Joined: Jul 2001
Posts: 77,215
Galveston, TX
"Having some of the more technical audits completed by a third party and some of the every day controls tested in house."

It really is a mixed bag on how most banks handle this depending on their size and internal skill levels of staff, but the approach above is not uncommon.
_________________________
The opinions expressed here should not be construed to be those of my employer: PPDocs.com

Return to Top
#1518924 - 03/08/11 08:01 PM Re: FDICIA Audit rlcarey
Black & Gold Offline
Junior Member
Black & Gold
Joined: Aug 2008
Posts: 35
Dark Side of the Moon
As part of our preparation a couple years ago, I prepared a very detailed "Scoping, Documentation, and Testing Guidance" handbook for management that outlined the approach (i.e. scoping, entity-level assessment, pilot assessment, company-wide assessment, and annual certification), including definitions for risks, controls, etc... I also prepared standardized templates and documentation requirements (e.g. standard file naming conventions). I utilized in great detail the IIA's "Sarbanes-Oxley Section 404: A Guide for Management by Internal Controls Practitioners" handbook, which can be downloaded for free from www.theiia.org. This provides a great roadmap for beginning the process. And yes, for specialized areas like IT, this was outsourced. We maintained all our documentation in Word and Excel.
_________________________
"Who would have thought that the thing that would save this company would be work. And pancakes." - Michael Scott-The Office

Return to Top

Moderator:  Andy_Z