Needed expertise depends on how your bank is set up, EDP-wise. If you are in-house with an off-the-shelf system, reader-sorter, PC network, etc. you can probably do it yourself over time, but it may be wise to have an outside entity go through the entire system first.
If your bank uses in-house programmers on the primary system, donít even think about doing the audit yourself, itís way too risky.
If you are in an outsourced environment, e.g. primary system, etc. you should be able to go through the FDICís or OCCís work papers covering EPD audits and conduct the audit yourself after you have gained a level of expertise on the primary system.
As noted, regulatory work papers are excellent sources of input. In addition, networking security is covered by books, for example, Windows 2000 Server for Dummies is very well done at the non-tech level if you are using a Windows 2000 Server with other books available covering all the network options.