It alsoincludes the managementobjectiveofinternalaudit, which includes not only the audit ISprotection of assetsecurityanddataintegrity, but also the effectiveness of IS.
Internal audit is one area that needs improvement, according to the OCC, along with risk management oversight by the Board, asset valuation processes, and model controls and integrity.