This message is sent to you by Bank Newswatch

What Does the FDIC and CSBS INTREx Entail?

Wednesday, June 10th, 2020 10:00 am - 12:00 pm CT

Sponsored by Bank Webinars

Click Here to register $265.00 (includes five days of access to ondemand playback)

Click Here to register and receive CD recording $395.00

First the Regulators rolled out the Cyber Assessment Tool (CAT), then one year later the FDIC released its new Information Technology Risk Examination Program - or INTREx for short. The examination work program incorporates many of the work steps and review areas from the FFIEC IT Examination Handbook, while drawing from the CAT declarative statements and adopting a focus on cybersecurity.

Along with a new work program, prior to scheduling the examination, you will receive an Information Technology Profile which has replaced the former IT Officer’s Questionnaire. The original Uniform Rating System for Information Technology (URSIT) that includes a rating for each of the four examination components: Management, Audit, Support and Delivery, and Development and Acquisition and assignment of an overall composite rating has been resurrected.

Not only has the FDIC changed things up, the Federal Reserve is also using a form of INTREx as well as many of the Conference of State Banking Supervisors (CSBS).

You also may be asking if or how the examination process is going to change due to COVID 19. Join Susan for this webinar to get the low down on INTREx and any changes to the examination process.

Covered Topics

  • Overview of Examination Process
  • Technology Profile
  • Component Control framework - Audit, Management, Development and Acquisition, and Support and Delivery
  • Decision Factors
  • Cyber Security
  • GLBA Coverage
  • Report changes including URSIT

Who Should Attend?

Internal Auditors, Compliance Officers, IT Managers, Risk Managers, Information Security Officers, Senior Management; anyone interested in the IT examination process.


Susan Orr

Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.

As an auditor and consultant, Susan is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices. Her expertise as an auditor and former examiner provides her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and assist de novo institutions in the vendor selection process, preparing policies and procedures, and instituting controls. She also consults for numerous security providers and vendors helping them align products and services to meet institution regulatory mandates. Susan is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified Risk Professional (CRP).