FDIC Streamlines IT, Operations Risk Exam Procedures

Effective July 1, the FDIC will implement the Information Technology Risk Examination (InTREx) program for conducting IT and operations exams. The updated program reflects a more efficient, risk-focused approach, the agency said, and is designed to help ensure that IT and cybersecurity risks are promptly identified and addressed by bank management.

InTREx includes a streamlined IT profile that financial institutions will complete 90 days in advance of their exam, which replaces the IT Officer’s Questionnaire. The profile includes 65 percent fewer questions than the ITOQ, and is intended to provide exam staff with more focused insight on a bank’s IT environment.