Excerpt of Webinar FAQs from "Board Responsibilities for IT Risk Management"

Listen to Susan Orr, CISA, CISM, CRP, an ex-FDIC examiner, respond to some of the FAQs from our information security for board members and senior management webinar. See below for a sampling of the questions asked.

Sample questions addressed during this podcast:

• As a board member of a mid-sized bank, I don’t have the actual time to attend that much training on information security issues. What resources do you recommend I turn to in order to stay on top of the latest issues?

• I appreciate the fact that the smaller banks are beginning to be targeted. What is the most prevalent mode of attack that hackers are using against these smaller banks?

• Which group of users (hackers, internal users, end-users, etc.) would you target as the most dangerous?

• When you talk about FACTA, are there resources you can recommend for file deletion and wiping out hard drives?

• We’ve got our policies and controls in order, but what about our vendors? How do you suggest we manage the risks that we are presented with when using outside vendors to handle parts of the data flow?

• We’re involved in banking activities that our regulators have designated as high-risk transactions. Please give us examples and what regulation we should cite when asking vendors to toe our information security line.

• With the increasing number of regulations both enacted and proposed at federal and state levels, what are the top two or three regulations we as board members should be concerned with before facing an audit? Which of the regulations is more important, or are they all important?



