Regulatory Alerts2022-12-21
Guidelines for the Implementation of Information System Audits by Audit Firms for Supervised Entities
The Croatian Financial Services Supervisory Agency (Hanfa) issued these Guidelines to standardize how audit firms conduct and report on information system audits for supervised entities. The document mandates a risk-based, proportionality-driven audit methodology that requires auditors to assess organizational and technical controls, document material weaknesses, and provide actionable remediation recommendations with clear deadlines. It further establishes minimum reporting standards, including detailed IS descriptions, third-party engagement disclosures, and tracked implementation status of prior audit recommendations.
Share