March 25, 2011 2:48 PM
Posted by: David Schneier
business continuity,
business continuity plan,
business continuity planning,
disaster,
disaster recovery,
FFIEC,
GLBA,
NCUA,
regulations,
regulatory,
Regulatory Compliance,
Security
There will be no shortage of industry articles and analysis that will emerge from the horrific events in Japan over these past few weeks, that's for certain. This is arguably the most significant event to hit a major regional economy since World War II and it's important to learn as many lessons...
March 15, 2011 9:58 PM
Posted by: David Schneier
Audit,
bank,
banking,
compliance,
credit union,
CU,
exam,
examiner,
FDIC,
GLBA,
NCUA,
OCC,
oversight,
regulations,
regulatory,
Regulatory Compliance
I was catching up on my industry emails the other day and buried in my FDIC email folder was Financial Institution Letter FIL-13-2011, sent out on March 1st. Truthfully I usually pay close attention to their Friday afternoon blasts regarding bank closings and only skim the rest. But this one...
February 10, 2011 4:07 PM
Posted by: David Schneier
bank,
banks,
credit union,
credit unions,
email,
Facebook,
FDIC,
LinkedIn,
NCUA,
regulations,
regulatory,
Regulatory Compliance,
social network,
social networking,
tweet,
tweeting,
Twitter,
web
A few weeks back my wife asked me, as a favor, if I could join one of Facebook's community-based games because the more "neighbors" you have, the easier it is to succeed and so I did. Truthfully it was a rare moment of weakness for me because I tend to avoid those sort of things as if it were the...
January 29, 2011 1:34 AM
Posted by: David Schneier
assessment,
Audit,
bcp,
business continuity plan,
disaster recovery,
DR,
FDIC,
GLBA,
NCUA,
regulations,
regulatory,
Regulatory Compliance
Something happened within our practice this past week that made me recall a story from the very beginning of my audit and compliance career. Way back in 1998 when I was first transitioning from being an application developer/manager to a compliance/audit professional, my first long term engagement...
January 17, 2011 1:55 PM
Posted by: David Schneier
bank closing,
bank closings,
banking,
banking crisis,
compliance,
FDIC,
FFIEC,
foreclosure,
GLBA,
NCUA,
regulatory,
Regulatory Compliance
As my professional mind started winding down this evening in anticipation of the weekend, my thoughts started drifting towards yard work and time with the family. Then my Droid started chirping its little sing-song of alerts as a round of emails hit my inbox and I was brought back to reality for a...
November 16, 2010 6:07 PM
Posted by: David Schneier
Audit,
bcp,
compliance,
general controls,
GLBA,
NCUA,
regulatory,
Regulatory Compliance,
risk,
risk assessment,
Security
My practice recently wrapped up an engagement in which we conducted a tabletop test of a client's business continuity plan. As always with such exercises, it's interesting to find out how much distance exists between what's documented in an institution's policy/program and how business is...
November 2, 2010 2:33 PM
Posted by: David Schneier
assessment,
Audit,
controls,
GLBA,
NCUA,
regulatory,
Regulatory Compliance,
risk assessment
I was in the midst of writing my weekly blog post focusing on threadbare thin compliance efforts when I was distracted by news of a potential terrorist incident. As you likely know by now, it appears that Al-Qaeda was either attempting to send explosive devices onto airplanes or was conducting a...
October 11, 2010 3:56 PM
Posted by: David Schneier
assess,
examination,
examiner,
GLBA,
NCUA,
periodic review,
regulations,
regulatory,
Regulatory Compliance,
risk,
risk rating,
third party management,
third party oversight,
vendor,
Vendor Management,
vendor risk rating
Early last week I downloaded some fresh content covering vendor management. It turned out that the new information wasn't really new, it's guidance that's been circulating in one form or another for years and tracks closely with guidance ripped from the pages of the Santa Fe Group/BITS Shared...
September 20, 2010 8:28 PM
Posted by: David Schneier
Audit,
compliance,
exam,
examination,
GLBA,
HIPAA,
NCUA,
NERC,
PCI,
regulatory,
Regulatory Compliance,
risk,
risk assessment,
SOX
I stumbled upon an old nemesis of mine recently and the bad taste it left in my mouth continues to offend my senses.
In an industry where there are standards that define how standards should be written and websites dedicated to dissecting each standard so that everyone can understand what the...