The Federal Financial Institutions Examination Council and its member regulators, which include the NCUA, have increasingly focused on cybersecurity in their assessments. Credit unions should expect this to continue.

In the past, many examiners would skip over the IT portion of an assessment, but that has all changed. NCUA auditors will look under the hood and focus on the cybersecurity plans of your credit union. With such a strong focus on cybersecurity, credit unions must be as prepared to explain their IT security measures as well as they can explain their loan loss modeling and asset liability management. 

ERM Security, based in Charlotte, N.C., noticed credit unions experienced a great deal of ambiguity when it came to understanding what NCUA examiners would focus on in IT audits. To assist credit unions, ERM Security partnered with CU Times to develop an NCUA Audit Survival Guide. CU Times readers can download the best-practices manual for free.

Download your free copy of the NCUA Audit Survival Guide here.

"We decided it could benefit the industry as a whole by providing a free resource with distilled actionable information that credit unions can take right now to both increase their security posture and leave them better prepared for their NCUA audits," ERM Security Director David Brown said.