Status: Live
The organization will review and summarize the minutes of the board or audit committee for member attendance and supervision of IT audit activities. [UCF ID 01151]
Supporting and supported controls
This control directly supports:
- • Audit Reporting [UCF Control ID 01145]
There are no supporting controls.
Authority documents complied with:
FFIEC IT Examination Handbook – Audit, August 2003, Exam Tier I Obj 2.2; FFIEC IT Examination Handbook – Business Continuity Planning, March 2008, Exam Tier I Obj 2.5; FFIEC IT Examination Handbook – Information Security, Exam Tier I Obj 7.1; FFIEC IT Examination Handbook – Management, Exam Obj 3.2; Financial Reporting Council, Combined Code on Corporate Governance, June 2008, § A.1.4
Banking and Finance Guidance
[Exam Tier I Obj 2.2, FFIEC IT Examination Handbook – Audit, August 2003]
[Exam Tier I Obj 2.5, FFIEC IT Examination Handbook – Business Continuity Planning, March 2008]
[Exam Tier I Obj 7.1, FFIEC IT Examination Handbook – Information Security]
[Exam Obj 3.2, FFIEC IT Examination Handbook – Management]
UK and Canadian Guidance
When the directors cannot resolve a problem about running the organization, they should ensure that the concerns are written in the Board minutes. [§ A.1.4, Financial Reporting Council, Combined Code on Corporate Governance, June 2008]
Metrics
The metrics associated with this control are as follows:
- • Report on the percentage of board or designated committee meetings for which information assurance was on the agenda [UCF Control ID 01672]
Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.