Audit
Business Continuity Planning
Development and Acquisition
E-Banking
Information Security
Management

• INTRODUCTION
• RISK OVERVIEW
  • Operational/Transaction Risk
• ROLES AND RESPONSIBILITIES
  • IT Roles
    • Board of Directors/Steering Committee
    • Chief Information Officer/Chief Technology Officer
    • IT Line Management
    • Business Unit Management
  • IT Responsibilities and Functions
    • Risk Management Functions
    • Project Management
    • Other IT Functions and Support Roles
• IT RISK MANAGEMENT PROCESS
  • Planning IT Operations and Investment
    • Strategic IT Planning
    • Operational IT Planning
  • Risk Identification and Assessment
  • IT Controls Implementation
    • Policies, Standards, and Procedures
    • Internal Controls
    • Personnel
    • Insurance
    • Information Security
    • Business Continuity
    • Software Development and Acquisition
    • Operations
    • Outsourcing Risk Managment
  • Measure and Monitor
    • Plan-to-Actual Outcome Measures (Outcome-based Measurement)
    • Performance Benchmarks
    • Service Levels
    • Quality Assurance/Quality Control
    • Policy Compliance
• MANAGEMENT CONSIDERATIONS FOR TECHNOLOGY SERVICE PROVIDERS
  • Financial Information
  • Contracts
  • Audit Reports
  • Customer Service
• APPENDIX A: EXAMINATION PROCEDURES
• APPENDIX B: LAWS, REGULATIONS, AND GUIDANCE

Operations
Outsourcing Technology Services
Retail Payment Systems
Supervision of Technology Service Providers
Wholesale Payment Systems