When it comes to information security, there are as many ways to go wrong as to go right. That is why, before a financial institution attempts to implement and improve its security risk management process, it must examine its fundamental level of maturity. Is the organization ready for risk management?
Rebecca Herold is a nationally-known author and consultant who won national awards for her successful risk management and information protection programs while directing the information security program for Principal Financial Group. She shares her experience building effective information protection programs and also...
Federal regulations require many organizations to conduct independent testing of their computing and networking environment at regular intervals. Many organizations comply with this requirement by conducting penetration testing and vulnerability analyses. These tests offer a snapshot of an organization's security...
The sixth anniversary of September 11th draws near, and the question floating among those in the financial services industry remains, â€œIs my institution ready in the event another 9-11 happens?â€For information security expert William Crowell, his thinking is that by having a completely integrated and...
Vendor Management is one a regulatory hot-button - a key focus of examinations. Register for this webinar to learn:
Legal requirements for ensuring sound vendor security practices
The risks involved with outsourcing
How to mitigate those risks
How to ensure the vendor complies with regulatory responsibilities
Common sense is something all bank directors are expected to possess, bank directors with years of experience seem to be brimming with it. But if youâ€™re a new, or relatively new appointment to a board of directors at a bank,
When it comes to compliance with the FDICâ€™s recent Supervisory Letter on Identity Theft, financial institutions need to â€œbeef upâ€ their consumer education programs, along with looking more closely at their existing risk assessment programs to mitigate current and potential areas of vulnerabilities.
In 2006, the Federal Financial Institutions Examination Council (FFIEC) issued a revised version of the Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual. The manual has been updated to incorporate regulatory changes since the manual was first released in 2005 and to clarify supervisory expectations....
Register for this updated webinar to receive:
A heads-up on key examination issues
Review of the IT Risk Management Program Examination Process
Overview of IT Examination Officer's Questionnaire
What to expect, and how to respond
If your financial institution is facing an IT regulatory exam soon, you'll want to be ready for it. Despite the best efforts of your team, will your institution be ready? BankInfoSecurity.com's webinar will prepare your team for this arduous task. In the meantime, we interviewed Susan Orr, an ex-FDIC examiner, who...
A look at what the regulatory agencies base IT exams on and how your institution can be best prepared
Preparing for the pre-examination IT Questionnaire and the effect your responses will have
How do GLBA Section 501(b), the Bank Secrecy Act, Patriot Act, and FACTA figure into a regulatory IT exam
Examination of IT risk assessments and how they are vital to financial institutions
A look at why IT risk assessments are important to your organization
How an IT risk assessment is performed
Sample assessment matrix included
When planning for an internal IT risk assessment, it is a good idea to have a solid understanding of risk management first. The finance and accounting departments in most organizations now have a firm grasp on risk management from a business perspective, thanks to Sarbanes-Oxley. However, when the IT Security...
The FAQs recently published by the FFIEC on August 15, 2006, is an attempt by the FFIEC to answer questions asked of them about their guidelines on Internet Banking Authentication published October 12, 2005. The 2005 guidelines were an outgrowth of a previous guidance document issued in 2001.
As with all federal...