FFIEC
Information Technology
Examination Handbook
Master Table of Contents
Table of Contents Listed by Booklets
Table of Contents Listed by Topics
Booklets
Audit
Business Continuity Planning
Development and Acquisition
E-Banking
Information Security
Management
Operations
INTRODUCTION
ROLES AND RESPONSIBILITIES
Board of Directors and Senior Management
Operations Management
Risk Management
RISK IDENTIFICATION
Environmental Survey
Technology Inventory
Hardware
Software
Network Components and Topology
Media
RISK ASSESSMENT
Prioritizing Risk Mitigation Efforts
RISK MITIGATION AND CONTROL IMPLEMENTATION
Policies, Standards, and Procedures
Policies
Standards
Procedures
Controls Implementation
Environmental Controls
Preventive Maintenance
Security
Physical Security
Logical Security
Database Management
Personnel Controls
Change Management
Change Control
Patch Management
Conversions
Information Distribution and Transmission
Output
Transmission
Storage/Back-Up
Disposal of Media
Imaging
Event/Problem Management
User Support/Help Desk
Other Controls
Scheduling
Negotiable Instruments
RISK MONITORING AND REPORTING
Performance Monitoring
Capacity Planning
Control Self-Assessments
APPENDIX A: EXAMINATION PROCEDURES
APPENDIX B: GLOSSARY
APPENDIX C: ITEM PROCESSING
APPENDIX D: ADVANCED DATA STORAGE SOLUTIONS
Outsourcing Technology Services
Retail Payment Systems
Supervision of Technology Service Providers
Wholesale Payment Systems
Home
IT Booklets
Glossary
Presentations
Resources
