This workshop will focus on the risk assessment process for a community bank, including a sample matrix that can be adapted for any institution.
Princeton, NJ (BankInfoSecurity.com) April 11, 2007 – Performing a thorough enterprise-wide risk assessment is essential to ensure compliance with regulatory mandates and guidance, like section 501 (b) of GLBA, AML/BSA, BCP, and stronger authentication. A risk assessment is also fundamental to developing an audit program and imperative for developing a strong security program.
A review of the institution’s risk assessment is a key element of FFIEC IT examinations and IT audits. Examiners will not only review the outcome of your risk assessment, but will want to see documentation to support the process you used and the reports provided to the board.
This workshop is going to be presented by Susan Orr, CISA, CISM, CRP - ex-FDIC examiner. Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise. During her 14 year tenure as a bank examiner, Susan held numerous lead positions including Regional IT Examination Specialist, Special Assistant to the Regional Director, Special Assistant to the Director of DSC, and Special Assistant to the Vice Chairman of the FDIC. Susan was also a lead instructor for the FDIC’s technology school and was instrumental in key industry initiatives such as the FDIC E-Risk Strategic Initiatives Risk Monitoring Committee, the Chicago Region Interagency Technology Group, and the Federal Financial Institutions Examination Council (FFIEC) IT Handbook rewrites. Susan retains close relationships within the FFIEC agencies as well as industry trade groups to stay abreast on new technologies, best practices, and regulatory issues.
Susan also speaks regularly at risk management and security educational seminars and has authored numerous white papers on emerging information technology and security risk management topics. Susan is a Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM) and Certified Risk Professional (CRP).
For additional information about the BankInfoSecurity.com IT Risk Assessments Online Workshop, please visit: https://www.bankinfosecurity.com/webinarsDetails.php?webinarID=10.