January 17, 2013 - 9:51am
#1
During our last NCUA exam, I was told that Audit should be creating and maintaining a SANS 20 Critical Controls document of the IT Department. Has anyone else been given the same directive? If so, do you have a framework/template to document and report the results?ThanksDeanne MillerVP Audit ServicesMembers 1st FCU
