What the FFIEC has to say about succession planning for members of the IT Governance process… We have been hearing about examination findings requiring Clients to create a succession plan for key members of the IT Governance process.  Dan asked me to update our research on this issue and, as a byproduct, I have produced […]

The FDIC has released new training material to help small banks start a discussion on risk… An article review. Sometimes it can be difficult to find a starting point when getting your employees discussing risk and technology, and while we do provide our own resources on the subject we wanted to pass along another resource […]

Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]

The first in our guest author series, this article by Eric Kroeger and Jason Mikolanis explains the difference between patch and vulnerability management.

Dan has whittled all the noise to five resources a Small Business Owner should investigate (and utilize).

Think you’ve been hacked? These are sites to start your breach investigation.

Quick and Easy ERM Committee Boilerplate! This is a starting point for those wanting to establish an Enterprise Risk Management Committee. (It can also be used as the structure for an ISO Committee Charter, as well as a Audit Committee Charter.) The boilerplate charter is meant to establish the Enterprise Risk Management Committee, its membership, […]

Incident Response is a key to IT Governance. A good Incident Response Program will have a high-level policy, and a plan that enforces that policy by establishing goals, priorities, training, and tools.

Security Takes Cooperation! To help you remind your employees that security requires cooperation, here’s a security awareness reminder poster that you may print and post in conspicuous locations:  security_takes_cooperation_082414 !  

Mark your calendars! Dan Hadaway will be delivering a workshop with the Indiana Bankers Association to outline what makes an effective vendor management program. The workshop will be on August 21st starting at 9:00 AM and ending at 4:00 PM. For information on how to register, visit the IBA’s website. Sharpening Your Vendor Management Tools Because financial […]