IT Examiner School, Palm Springs, CA

First page Table of contents Previous page 193 Next page Last page

Vendor Management and Service Provider Oversight

Objectives

• Assess the effectiveness of an institution’s vendor management and service provider oversight practices. • Review vendor Reports of Examination (ROE) and Service Organization Control (SOC) reports. • Check vendor evaluations for personally identifiable information (PII). • Examine external Technology Service Provider (TSP) reviews. • Review Bank Service Company Act (BCSA) compliance for FDIC-supervised institutions. (FIL-49-99) • Evaluate a bank’s incident notification procedures. • Identify and evaluate affiliate service provider relationships. • Identify and evaluate international service provider relationships

Made with FlippingBook - professional solution for displaying marketing and sales documents online