For item 0682 - IT Security, Iowa wants to see the policy, but it also helps to show the examiner exactly where the items they are asking for are located within the plan. 

In addition, the following items requested by IOWA are also included in the 2-9 IT Security Plan:

• 0680 - Remote Telecommuting Policy.pdf

• 0681 - Regulatory Business Plan - Need Org Chart.docx

• 0682 - IT Security - All Policies and Procedures.pdf

• 0682 - IT Security - Index of All Policies and Procedures.pdf

• 0684 - IT Audit Policy.pdf

• 0685 - Disaster Test Prep.pdf

• 0686 a b - Disaster Recovery Plan.pdf

• 0686 c d - Current Risk Assessment.pdf

• 0686 c d - Risk Assessment Impact Analysis.pdf

• 0687a - Data Breach-Incident Response Policy.pdf

Required Audits

• 0690 - Post Closing Compliance Review.pdf

• 0690 - Schedule of Audits.pdf

• 0691 - AML Audit.pdf

• 0691 - Training Audit.pdf