Financial Institution Letters
November 20, 2015
Updated FFIEC Management Booklet Part of IT Examination Handbook Series
The Federal Financial Institutions Examination Council (FFIEC) has issued a revised "Management" booklet that provides guidance to assist examiners in evaluating the information technology (IT) governance at financial institutions and service providers. The booklet is part of the IT Examination Handbook series.
Statement of Applicability to Institutions with Total Assets under $1 billion: This Financial Institution Letter applies to all FDIC-supervised institutions offering online banking services.
- The revised Management booklet outlines the principles of overall governance and, more specifically, IT governance.
- The revised booklet delineates the stages of the IT risk-management process, including risk identification, measurement, mitigation, monitoring, and reporting.
- The revised booklet incorporates cybersecurity concepts as part of IT risk management.
- An electronic version of the booklet, as well as an FFIEC press release, is available at http://www.ffiec.gov/press.htm.
- FDIC-Supervised Banks (Commercial and Savings)
- Chief Executive Officer
- Chief Information Officer
- Chief Information Security Officer
- FFIEC IT Examination Handbook
- Jeffrey Kopchik, Senior Policy Analyst, at firstname.lastname@example.org or (703) 254-0459
FDIC Financial Institution Letters (FILs) may be accessed from the FDIC's website at https://www.fdic.gov/news/news/financial/2015/.
To receive FILs electronically, please visit https://www.fdic.gov/about/subscriptions/fil.html.
Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-275-3342 or 703-562-2200).