There is a big misconception that an IT examination is a technical security assessment focused solely on computer systems, the network, and logical controls. While the technological components and the IT department are most definitely included in the examination, it doesn’t start and end there. An IT examination has an enterprise-wide reach that covers technology as well as operations, including core processing, and all forms of information assets; physical and logical security; administrative, technical, and physical controls. Information and cyber security along with business resiliency, incident response, and outsourced third-party risk management are also key elements of the examination.
How exams are conducted has changed since the pandemic of 2020. Today, it is not uncommon for the examination to be a "hybrid" that includes an offsite review and an onsite presence. The scope and focus of the exam may also vary depending on the complexity of the institution and past examination results. To be adequately prepared for your next IT examination, whether you are a seasoned professional or new to the examination process you should attend this presentation.
Who Should Attend
Senior management, operations, audit, compliance officers, IT staff, and anyone else responsible for preparing for and overseeing the examination program.