FFIEC I.T. Booklets Topology - Created by Jason P. Rusch

1. Audit
Introduction
IT Audit Roles and Responsibilities
Independence and Staffing of Internal IT Audit
Internal Audit Program
Risk Assessment and Risk-Based Auditing
Audit Participation in Application Development, Acquisition, Conversions, and
Testing
Outsourcing Internal IT Audit
Third-Party Reviews of Technology Service Providers
Appendix A: Examination Procedures
Appendix B: Glossary
Appendix C: Laws Regulations
Business Continuity
Introduction
Board and Senior Management Responsibilities
Business Continuity Planning Process
Business Impact Analysis
Risk Assessment
Risk Management
Risk Monitoring and Testing
Other Policies, Standards and Processes
Summary
Appendix A: Examination Procedures
Appendix B: Glossary
Appendix C: Internal And External Threats
Appendix D: Pandemic Planning
Appendix E: Interdependencies
Appendix F: Business Impact Analysis Process
Appendix G: Business Continuity Plan Components
Appendix H: Testing Program - Governance and Attributes
Appendix I: Laws, Regulations, and Guidance
Appendix J: Strengthening the Resilience of Outsourced Technology Services
Development and Acquisition
Introduction
Project Management
Development Procedures
Acquisition
Maintenance
Appendix A: Examination Procedures
Appendix B: Glossary
E-Banking
Introduction
Board and Senior Management Responsibilities
Business Continuity Planning Process
Business Impact Analysis
Risk Assessment
Risk Management
Risk Monitoring and Testing
Other Policies, Standards and Processes
Summary
Appendix A: Examination Procedures
Appendix B: Glossary
Appendix C: Internal And External Threats
Appendix D: Pandemic Planning
Appendix E: Interdependencies
Appendix F: Business Impact Analysis Process
Appendix G: Business Continuity Plan Components
Appendix H: Testing Program - Governance and Attributes
Appendix I: Laws, Regulations, and Guidance
Appendix J: Strengthening the Resilience of Outsourced Technology Services
Information Security
Introduction
Security Process
Information Security Risk Assessment
Information Security Strategy
Security Controls Implementation
Security Monitoring
Security Process Monitoring and Updating
Appendix A: Examination Procedures
Appendix B: Glossary
Appendix C: Laws Regulations
Management
Introduction
Risk Overview
Roles and Responsibilities
IT Risk Management Process
Management Considerations for Technology
Appendix A: Examination Procedures
Appendix B: Laws, Regulations,and Guidance
Operations
Introduction
Roles and Responsibilities
Risk Identification
Risk Assessment
Risk Mitigation and Control Implementation
Risk Monitoring and Reporting
Appendix A: Examination Procedures
Appendix B: Glossary
Appendix C: Item Processing
Appendix D: Advanced Data Storage Solutions
Outsourcing Tech Services
Introduction
Board and Management Responsibilities
Risk Management
Related Topics
Appendix A: Examination Procedures
Appendix B: Laws, Regulations, and Guidance
Appendix C: Foreign-Based Third-Party Service Providers
Appendix D: Managed Security Service Providers
Retail Payment Systems
Introduction
Retail Payment Systems Overview
Payment Instruments, Clearing, and Settlement
Retail Payment Systems Risk Management
Appendix A: Examination Procedures
Appendix B: Glossary
Appendix C: Schematic of Retail Payments Access Channels Payments Method
Appendix D: Laws, Regulations, and Guidance
Supervision Tech Service Providers
Introduction
Supervisory Policy
Supervisory Programs
Roles and Responsibilities
Risk-Based Supervision
Appendix A: URSIT
Wholesale Payment Systems
Introduction
Interbank Payment and Messaging Systems
Securities Settlement Systems
Intrabank Payment and Messaging Systems
Wholesale Payment Systems Risk Management
Appendix A: Examination Procedures
Appendix B: Glossary
Appendix C: Laws, Regulations and Guidance
Appendix D: Legal Framework for Interbank Payment Systems
Appendix E: Fed Reserve Board Payment System Risk Policy: Day Overdrafts
Appendix F: Payment System Resiliency