November 20, 2015
Updated FFIEC Management Booklet Part of IT Examination Handbook Series
The Federal Financial Institutions Examination Council (FFIEC) has issued a revised “Management” booklet that provides guidance to assist examiners in evaluating the information technology (IT) governance at financial institutions and service providers. The booklet is part of the IT Examination Handbook series.
Statement of Applicability to Institutions with Total Assets under $1 billion: This Financial Institution Letter applies to all FDIC-supervised institutions offering online banking services.
- The revised Management booklet outlines the principles of overall governance and, more specifically, IT governance.
- The revised booklet delineates the stages of the IT risk-management process, including risk identification, measurement, mitigation, monitoring, and reporting.
- The revised booklet incorporates cybersecurity concepts as part of IT risk management.
- An electronic version of the booklet, as well as an FFIEC press release, is available at http://www.ffiec.gov/press.htm.