Instructions
1. This compliance checklist should be completed each year by senior officers who have direct knowledge of the financial institution’s information systems and operations. The information provided in this checklist should be reviewed by their superiors.
2. Each guideline description in the checklist should be evaluated in the context of the relevant sections in the Technology Risk Management Guidelines. Some guideline descriptions in this checklist have been condensed and may not be verbatim with the Guidelines.
3. For each guideline description, place an “X” in the appropriate column to indicate whether the financial institution is fully compliant, partially compliant, or not compliant. Otherwise, place an “X” in the NA column.
4. If full compliance has not been achieved, explain in the Comments column why, and how and when remedial action would be made.