Comptroller's Handbook: Deposit-Related Credit. Comptroller's Handbook: Large Bank Supervision. Comptroller's Handbook: Capital and Dividends. Comptroller's Handbook: Community Bank Supervision.
Comptroller's Handbook: Bank Supervision Process. Comptroller's Handbook: Compliance Management Systems. Comptroller's Handbook: Military Lending Act. Comptroller's Handbook: Installment Lending. Comptroller's Handbook: Asset-Based Lending. Comptroller's Handbook: Student Lending. Comptroller's Handbook: Country Risk Management. Comptroller's Handbook: Floor Plan Lending. Comptroller's Handbook: Collective Investment Funds.
Comptroller's Handbook: Personal Fiduciary Activities. Comptroller's Handbook: Government Securities Act. Comptroller's Handbook: Conflicts of Interest.
Comptroller's Handbook: Merchant Processing. Comptroller's Handbook: Lease Financing. Comptroller's Handbook: Mortgage Banking. Comptroller's Handbook: Insider Activities. Comptroller's Handbook: Qualified Thrift Lender. Comptroller's Handbook: Depository Services. Comptroller's Handbook: Fair Lending. Seller Inventory APC More information about this seller Contact this seller. Book Description Condition: New. Seller Inventory ING Comtroller Of The Currency.
This specific ISBN edition is currently not available. View all copies of this ISBN edition:. Synopsis A management information system is a system that provides the information necessary to manage an organization effectively. This would enhance interaction and communication among examiners. This process includes reviewing controls that ensure that information is reliable, timely, accurate, and confidential. To determine examination procedures necessary to achieve stated objectives.
To determine if MIS policies or practices, processes, objectives, and internal controls are adequate. To evaluate whether MIS applications provide users with timely, accurate, consistent, complete, and relevant information.
To assess the types and level of risk associated with MIS and the quality of controls over those risks. To determine whether MIS applications and enhancements to existing systems adequately support corporate goals.
To determine if management is committed to providing the resources needed to develop the required MIS. To determine if officers are operating according to established guidelines. To evaluate the scope and adequacy of audit activities. To initiate corrective action when policies or practices, processes, objectives, or internal controls are deficient. To determine if any additional work is needed to fulfill the examination strategy of the institution. Obtain the following documents: G Examination Report and related management responses.
G MIS-related workpapers. G Organization charts detailing MIS responsibility. Review previous MIS review-related examination findings.
Review management's response to those findings. Request and review copies of recent reports prepared by internal or external auditors of targeted MIS area s. Review reports for the MIS target area s. Review MIS-related policies or practices and processes. Pay special attention to any changes since the previous review. Based on the performance of the previous steps, and discussions with the EIC and other appropriate supervisors, determine the scope of the examination and set the objectives.
Select from among the following examination procedures those steps that are necessary to meet the objectives. Examinations may not require all of the steps.
In conjunction with the EIC, identify each of the functional or product- related areas to be reviewed at this examination. Highlight those areas of MIS review that need to be addressed during the review. For the selected sample of MIS system s and as appropriate to support the defined scope, obtain: G User manual. G Project plan and related workpapers.
As examination procedures are performed, test for compliance with established policies or practices and processes, and the existence of appropriate internal control measures. Refer to the Internal Control Questionnaire as needed. Discuss with the EIC the need to perform verification procedures. As required, perform appropriate verification procedures. Select and review samples of ongoing executive reports for the targeted MIS area s.
Determine the degree to which management and the staff in an area under review use MIS adequately and can support that the MIS being used is appropriate and effective. Review minutes of the board of directors or committee s representing the MIS target area s for a relevant time period. Request a copy of the development plan for significant MIS-related projects.
Examples could include executive information packets, credit approval and take-out commitments, and funds management systems. Program development and negotiation of contracts for equipment and software vendors. Development of user instructions and system testing procedures. Installation and maintenance of the system. Select a system and request copies of relevant user instructions. Determine whether the guidelines are meaningful, easy to understand, and current.
Obtain from the user manuals or the appropriate manager a work flow showing data from the point-of-entry, through user processes, to final product. The purpose of this task is to review how information is identified, gathered, merged, manipulated, and presented. Depending on the organization's sophistication and system size, examiners may have to develop this work flow themselves. A complete understanding would suggest the interviewees both use and understand the MIS system s supporting them.
Compare this information with the material acquired in the immediately preceding item. Determine whether established procedures are sufficient to ensure the proper testing of system developments or enhancements. Review whether final versions of software enhancements are installed in a controlled environment that promotes integrity of information.
If it has, determine how management at the senior and departmental levels ensure that the resulting MIS supports and includes the five MIS elements mentioned previously. Prepare a memorandum of your conclusions and supporting findings. Identify suggested OCC follow-up actions. After a full discussion with the EIC prepare a memorandum and document work programs to facilitate future examinations.
However, because the nature and scope of MIS among banks, not all of the questions will be relevant in every bank. Similarly, a negative answer to a particular question does not necessarily indicate a weakness in the bank's MIS or surrounding internal controls if other equally effective or alternate controls are in place or there are other circumstances that mitigate the risk.
Where appropriate, documentation may include narrative descriptions, flowcharts, copies of forms used, and substantiation through observation or testing. Examiners should use their own judgement in deciding which internal control questions are relevant for a particular bank and whether a negative response to any particular question should be considered a matter of supervisory concern.
Has management developed and maintained a current MIS policy or practice? Is the policy or practice reviewed and updated regularly? Is the policy or practice distributed to appropriate employees? MIS Development 6. Does the internal planning process consider and incorporate the importance of MIS at both the strategic and tactical level? Do project objectives address reported MIS weaknesses and meet business unit requirements?
Does management have a process for monitoring project schedules?
0コメント