Regulatory Reality:

April, 2009


April 29, 2009  3:33 PM

Pandemic Planning: a quick update.

Posted by: David Schneier
bcp, business continuity planning, pandemic, Regulatory Compliance

I wanted to post a quick update regarding the looming threat of a true pandemic event courtesy of the swine flu.

In the past forty-eight hours I’ve had conversations with three separate clients in which the subject of their pandemic response plans...

April 27, 2009  5:28 PM

How’s your Pandemic Response Plan looking today?

Posted by: David Schneier
bcp, business continuity planning, FFIEC, GLBA, NCUA, pandemic, Regulatory Compliance

I started my day yesterday by finding my 12-year-old sitting with his eyes riveted on the laptop screen reading what I figured was something either on Facebook or a sports-related website.  I only wish.  Turns out he was fixated on the breaking news covering the swine flu. Much like his...

April 21, 2009  8:12 PM

FDIC: More than just a sticker on the bank’s door.

Posted by: David Schneier
banking, FDIC, Regulatory Compliance

I opened my front door last week and found my industry waiting for me on my very own doorstep, seriously. The Raleigh News and Observer had a story on page one about how U.S. Senator Richard Burr called his family during the early days of the banking crisis last fall and...

April 14, 2009  8:00 PM

Is information ever truly secure?

Posted by: David Schneier
Regulatory Compliance, Security

I never post on consecutive days; oftentimes I struggle to post on consecutive weeks when the ideas just aren't flowing.  But after the day I've just had I have nowhere to go with what's swirling around in my head and so to my soapbox I run. Without bogging the story down in needless details...

April 13, 2009  9:36 PM

What vendor management is really all about

Posted by: David Schneier
FDIC, FFIEC, GLBA, Regulatory Compliance, shared assessment, Vendor Management

I received an email from a colleague last week in regard to my recent post about the BITS Shared Assessments Program.  In the entry I offered my high opinion of the framework but went out of my way to point out that by itself the assessment is not a vendor management program.  The subject line...

April 8, 2009  5:11 AM

The road to PCI compliance is fraught with potholes.

Posted by: David Schneier
PCI, Regulatory Compliance, Security

I’m a fan of diversification. Professionally or personally I strive to mix and match and switch things around to avoid falling into a rut and to keep things fresh; I’m hopeful the contents of my blog reflect on that....

April 2, 2009  4:21 PM

Keep an eye on Shared Assessments.

Posted by: David Schneier
Audit, GLBA, Regulatory Compliance, SOX, Vendor Management

About thirty seconds after I posted my last blog an item on the

