Audit
This "Audit Booklet" is one of several booklets that comprise the Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook (IT Handbook) and provides guidance to examiners and financial institutions on the characteristics of an effective information technology (IT) audit function.
Booklet Contents
- Introduction
- IT Audit Roles and Responsibilities
- Independence and Staffing of Internal IT Audit
- Internal Audit Program
- Risk Assessment and Risk-Based Auditing
- Audit Participation in Application Development, Acquisition, Conversions, and Testing
- Outsourcing Internal IT Audit
- Third-Party Reviews of Technology Service Providers
- Appendix A: Examination Procedures
- Appendix B: Glossary
- Appendix C: Laws, Regulations, and Guidance