Princeton, NJ (BankInfoSecurity.com) October 23, 2006 – Safeguarding information assets might sound like a task for the technical team. However, when it comes to information security breaches, the board of directors and senior management are ultimately accountable. Board members and senior management are responsible for planning and implementing an IT risk management system that works. To do so, they must understand the risks and safeguards required to govern and maintain a secure environment.
Customer confidence and trust are one key to banking success. That trust is only as secure as the IT risk management system board members and senior management decide to implement. By implementing a system that identifies, measures, manages and controls risks to data and systems, they can protect their institution’s reputation and adhere to regulatory mandates and laws. The Gramm-Leach-Bliley Act and section 216 of the Fair and Accurate Credit Transactions Act require strict administrative, technical and physical safeguards, so compliance and minimal risk are imperative.
This workshop will present an explanation of IT security based on the FFIEC guidance and best practices. It will offer comprehensive guidance on information security specifically for board members and senior management. The presentation will also help explain the board’s role in planning, researching and implementing an information security program. Tips and techniques for information security administration and management will also be discussed.
Susan Orr, CISA, CISM, CRP, an ex-FDIC examiner, will be presenting the workshop. Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise. During her 14-year tenure as a bank examiner, Susan held numerous lead positions including Regional IT Examination Specialist, Special Assistant to the Regional Director, Special Assistant to the Director of DSC, and Special Assistant to the Vice Chairman of the FDIC. Susan was also a lead instructor for the FDIC’s technology school and was instrumental in key industry initiatives such as the FDIC E-Risk Strategic Initiatives Risk Monitoring Committee, the Chicago Region Interagency Technology Group, and the Federal Financial Institutions Examination Council (FFIEC) IT Handbook rewrites. Susan retains close relationships within the FFIEC agencies as well as industry trade groups to stay abreast of new technologies, best practices, and regulatory issues.
For additional information about the BankInfoSecurity.com “Board Responsibilities for IT Risk Management - Building Blocks for a Secure System” workshop, please visit: https://www.bankinfosecurity.com/workshop_bod.php.