Newsroom

Members of the Federal Financial Institutions Examination Council on Tuesday issued a revised Management booklet, which is part of its information technology handbook and includes revisions to the examination procedures and outlines the principles of sound IT governance.

In a statement on the revised booklet, NCUA said the updated examination procedures assist examiners in evaluating a credit union's IT governance and IT risk management as compared to the overall governance and risk management in financial institutions.

Other booklet updates include:

• the addition of some cybersecurity concepts relating to information security;
• integration of management-related concepts from other IT Handbook booklets; and
• augmentation and further explanation of the IT risk management process stages, including risk identification, measurement, mitigation, monitoring and reporting.

The FFIEC includes representatives from the Federal Reserve Board, FDIC, NCUA, the Office of the Comptroller of the Currency, CFPB and the State Liaison Committee.