IT Examination Review - FDIC & CSBS INTREx

Thursday, September 1st, 2022 10:00 am - 12:00 pm

A Program

Click Here to register for live program $279

Click Here to register for live program and recording $419

The actual INTREx – Information Technology Risk Examination Program adopted by the FDIC and CSBS IT examiners hasn’t changed since it was rolled out in 2016; however, there have been some changes in the examiners focus when it comes to the IT examination. The Federal Reserve examiners are also using their own “INTREx” related examination work program.

The INTREx program definitely has its roots in GLBA and cyber security, the FFIEC IT Examination Handbooks and draws from the current CAT Declarative Statements. In addition, to going over the INTREx work program, we will be sharing some specific areas of focus you need to be aware of as you prepare for your 2021 examination; including some newer guidance and proposed guidance that has been issued since the INTREx release.

In this webinar we will do an overview of the INTREx work program including the IT Officer’s Questionnaire and changes to the rating system used. We will also highlight the INTREx program steps and sharing the potential “2021” exam focus areas to help you be better prepared for your examination.

What You'll Learn

  • Overview of Examination Process
  • Technology Profile
  • Component Control framework - Audit, Management, Development and Acquisition, and Support and Delivery
  • Decision Factors
  • Cyber Security
  • GLBA Coverage
  • Areas of increasing focus for 2021
  • Report changes including URSIT


Susan Orr

Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.

As an auditor and consultant, Susan is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices. Her expertise as an auditor and former examiner provides her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and assist de novo institutions in the vendor selection process, preparing policies and procedures, and instituting controls.