Well, usually an auditor through a risk assessment, determines what they are going to test. What you test may not be the same as the next bank. As such, your request list should be based on the information needed to perform the intended testing. There would not be a standardized list. If you need some ideas, pull you latest Federal pre-examination request list that you received from your examiner. Your internal audit program should mirror their examination points most of the time.
_________________________
The opinions expressed here should not be construed to be those of my employer:
PPDocs.com