ISMG Unveils Vendor Assessment Webinar ISMG Unveils Vendor Assessment Webinar Princeton, NJ - October 21, 2008 - BankInfoSecurity.com - Information Security Media Group, publisher of BankInfoSecurity.com and CUinfoSecurity.com, announces a timely web-based event, targeted at financial institutions large and small, which unveils the must-know "do's and don'ts" for evaluating third-party service providers. Security is a growing concern as institutions increasingly rely on outsourcing partners to handle key applications and processes. Not surprisingly, regulators are stepping in with mandates for greater due diligence in vendor chain management, making a bullet-proof assessment process absolutely crucial.

The webinar, entitled Vendor Management Part II: Assessing Vendors - the Do's and Don'ts of Choosing a Third-Party Service Provider, debuts Nov. 4.

Forrester estimates worldwide IT-related outsourcing is now about a $120 billion per year business. And financial institutions are already on the bandwagon, outsourcing any number of key applications and processes from accounting and human resources to customer service.

As such, banking regulators are upping their oversight, demanding more attention for security and compliance in the selection of service providers especially when those vendors handle sensitive data, like consumers' non-public personal information (NPPI). The National Credit Union Administration, for example, said that vendor management would be a top examination topic; and the Federal Deposit Insurance Corporation (FDIC) and Office of the Comptroller of the Currency (OCC) have made similar declarations.

"The common message from these regulators," says Mike D'Agostino, Marketing Manager at Information Security Media Group, "is that a financial institution can outsource a service, but it cannot cede responsibility for the potential risks to itself and its customers." So greater due diligence and risk assessment are in order when evaluating and managing third-party service providers across the entire vendor chain.

Still, many institutions are finding it increasingly difficult to determine if a vendor's security policies are in line with their own as well in compliance with government stipulations. This webinar, Part II in a series on Vendor Management offered by Information Security Media Group, addresses that challenge with a real-world take on assessing a vendor's security and privacy practices.

James Christiansen, the former CISO of Experian, General Motors and Visa, introduces learned do's and don'ts for vendor security assessment. Currently the CEO of Evantix LLC, Christiansen uses his own field experience to detail several crucial topics from the regulatory requirements to getting started and implementing best practices for managing risk. During this webinar, Christiansen will walk through actual case studies, analyzing different business relationships with vendors and demonstrating how to conduct successful assessments.

To register for the webinar:

Vendor Management Part II: Assessing Vendors - the Do's and Don'ts of Choosing a Third-Party Service Provider

About ISMG: With members representing over 13,000 financial institutions, and regular input from federal banking agency officers and their own board of advisors, ISMG delivers webinars and online training that is focused, timely and -- most important -- useful. Presented by actual practitioners and industry experts, each presentation (ranging from 90 minutes to two-plus hours) delivers how-to and practical information on the inner-workings of information security programs at financial institutions. For more on ISMG's training offerings, view the webinar calendar: https://www.bankinfosecurity.com/webinarsCalendar.php



Around the Network