Archive for 'Vendor Management' Category
Some small organizations continue to use customer data to generate initial passwords, despite the risks. An article review. When rolling out a new online banking platform organizations are often faced with the task of issuing new usernames and passwords to existing users, but how they choose to do that can have a big impact on […]
Infotex is finally ready to say something about the Equifax Breach, the Ultimate Educational Moment. This Jolley | Hadaway article will explain why we’ve been silent, ’til now!
Dan has whittled all the noise to five resources a Small Business Owner should investigate (and utilize).
Recognizing early signs of trouble can save you from big issues later. A Jolley|Hadaway Article Maybe you’ve already seen some of the signs yourself. Your mouse cursor may move on its own, when you’re not touching it. Or you get notifications for a delivery, but the address isn’t yours. Those are some dead canaries: signs […]
Two sets of questions that can help start your vendor due diligence adventure. A quick Dan’s New Leaf Post, meant to inspire thought about IT Governance . . . . When you’re just starting to address the issue of vendor management, it can seem like a daunting task. And how do you explain to your vendor […]
The Cybersecurity Disclosure Act of 2017 Would Make The Board Report on Its Own Expertise An article review. For those of you wondering if you should be adding a Cybersecurity expert to your board of directories, you may be getting out in advance of law. We at infotex have been invited to consult with several bank boards, […]
What are the expectations for Financial Statement Review? For banks and credit unions. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I’m often asked, “what should we be doing when it comes to financial statement review during vendor management.” Let me start off by […]
While the credit card industry-backed program has good aspects, it should not replace the SOC-2. With the number of different security standards–and ways to test those standards–out there, it can be difficult to stay on top of just what is required, compliance wise, for a specific situation. Case in point, we recently had a client with […]
Questions from vendor management to mitigating controls covered in the new document. An article review. The FFIEC released a document earlier this month covering some of the most frequently asked questions surrounding the Cybersecurity Assessment Tool (CAT), and it’s certainly worth taking a look at as many of their answers are eye-opening! Many have wondered […]