Security Oversight
In November 2015, the FFIEC updated their Information Technology Information Handbook [for Management]. The updates address several new recommendations for bank management, including:
- “Oversee the adequacy and allocation of IT resources.”
- “Hold management accountable for identifying, measuring and mitigating IT risks.”
If your institution is relying on internal resources to manage and monitor your IT risks, you may be falling short. Utilizing outside resources to provide insight into gaps in your IT risk strategy and provide security oversight is key to preventing security breaches.
A financial organization’s core businesses should always be the focus of the underlying vision and strategy. Many financial organizations get inundated with compliance obligations that are not right sized for its specific business needs: Constantly chasing the information security compliance dragon without realizing any benefit. This is why a thorough security oversight plan is not just useful, but fundamental.
Click Here to Learn More
SOURCE All Covered
