FFIEC User Access Reviews for Credit Unions/Banks (Financial Institutions)
Financial Institutions such as Credit unions and banks must perform user access reviews as outlined in the Federal Financial Institutions Examination Council (FFIEC) Information Security booklet. This “Information Security” booklet is an integral part of the Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook (IT Handbook) and should be read in conjunction with the other booklets in the IT Handbook. This booklet provides guidance to examiners and addresses factors necessary to assess the level of security risks to a financial institution’s information systems. It also helps examiners evaluate the adequacy of the information security program’s integration into overall risk management.