A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]

Welcome 2020 IBA Cybercon Attendees! You can download a zip folder that includes our Simplified Insurance Review Boilerplate! Download Here Also, if you are interested in Insurance Review check out our video!    

What the FFIEC has to say about succession planning for members of the IT Governance process… We have been hearing about examination findings requiring Clients to create a succession plan for key members of the IT Governance process.  Dan asked me to update our research on this issue and, as a byproduct, I have produced […]

The FDIC has released new training material to help small banks start a discussion on risk… An article review. Sometimes it can be difficult to find a starting point when getting your employees discussing risk and technology, and while we do provide our own resources on the subject we wanted to pass along another resource […]

Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]

The first in our guest author series, this article by Eric Kroeger and Jason Mikolanis explains the difference between patch and vulnerability management.

Dan has whittled all the noise to five resources a Small Business Owner should investigate (and utilize).

Think you’ve been hacked? These are sites to start your breach investigation.

Quick and Easy ERM Committee Boilerplate! This is a starting point for those wanting to establish an Enterprise Risk Management Committee. (It can also be used as the structure for an ISO Committee Charter, as well as a Audit Committee Charter.) The boilerplate charter is meant to establish the Enterprise Risk Management Committee, its membership, […]

Incident Response is a key to IT Governance. A good Incident Response Program will have a high-level policy, and a plan that enforces that policy by establishing goals, priorities, training, and tools.