We use cookies to improve your experience and optimize user-friendliness. Read our privacy policy for more information on the cookies we use and how to delete or block them. To continue browsing our site, please click accept.
Winning Back-Office Strategies to Boost Your Business Agility
VIEWpoint Issue 1 | 2023
2023 Compliance Trends: Staying Ahead in an Evolving Regulatory E...
By John Hock, CPA, CISA, CITP, SOC – Manager, IT Advisory and Security Group
Recently, the Federal Financial Institutions Examination Council (FFIEC) issued a new booklet in the FFIEC Information Technology Examination Handbook series. The new booklet titled “Architecture, Infrastructure, and Operations” will replace the “Operations” booklet originally issued in July 2004.
This new booklet, double in size from its 2004 predecessor, provides expanded guidance to help financial institution examiners assess the risk profile and adequacy of an entity’s information technology architecture, infrastructure and operations. It discusses specifics related to the interconnectedness among an entity’s assets, processes and third-party service providers, as well as the principles, processes, potential threats and examination procedures to help examiners assess whether a financial entity’s management adequately addresses risks and complies with applicable laws and regulations.
Many concepts, although not new, were expanded on in the new booklet including hardware and software inventories, environmental controls, roles and responsibilities for the Board, senior management and IT operations management. It also addresses some new concepts or processes, such as:
Doeren Mayhew is well positioned to help your financial institution with all things IT. Taking a business-oriented approach, our IT Advisory and Security Group can assist in creating a strong foundation of controls to manage your institution’s IT risks and demanding IT compliance through a menu of services, tailorable to your organization’s needs. Contact us today to learn more.
This publication is distributed for informational purposes only, with the understanding that Doeren Mayhew is not rendering legal, accounting, or other professional opinions on specific facts for matters, and, accordingly, assumes no liability whatsoever in connection with its use. Should the reader have any questions regarding any of the news articles, it is recommended that a Doeren Mayhew representative be contacted.
A quick registration is required to view our resources.
You will only be asked to do this one time (unless you don't save your browser cookies).