In November 2015, the FFIEC updated their Information Technology Information Handbook [for Management]. The updates address several new recommendations for bank management, including:
If your institution is relying on internal resources to manage and monitor your IT risks, you may be falling short. Utilizing outside resources to provide insight into gaps in your IT risk strategy and provide security oversight is key to preventing security breaches.
A financial organization’s core businesses should always be the focus of the underlying vision and strategy. Many financial organizations get inundated with compliance obligations that are not right sized for its specific business needs: Constantly chasing the information security compliance dragon without realizing any benefit. This is why a thorough security oversight plan is not just useful, but fundamental.
3 POLICY CHANGES THAT COULD CHANGE YOUR OVERALL BUSINESS STRATEGY
- 1. Trade and Foreign Investment Policies
- 2. Cybersecurity and Privacy Policies
- 3. Tax Policies
SECURITY OVERSIGHT SERVICES
Many third party providers can provide thorough breach assessments, perform white-hat hacking and penetration testing, and implement ongoing Security Information and Event Management (SIEM) services to help provide institutions the oversight they need to avoid breach or theft of data.
All Covered Finance Practice Director Patrick Whelan discusses our Audit and Reporting Service Bundle for financial institutions, designed to help clients meet regulatory compliance while accomplishing their IT objectives.