Regulatory Reality: risk rating


July 6, 2012  3:18 AM

Risk: The core issue behind regulatory requirements



Posted by: David Schneier
assess, assessment, assessments, Audit, audits, bank, banking, banks, compliance, compliant, control, credit union, credit unions, CU, enterprise risk, enterprise risk management, ERM, exam, examination, examinations, examiner, exams, FDIC, Federal Reserve Bank, FFIEC, financial institutions, framework, FRB, general controls, GLBA, governance, GRC, guidance, information security, information security office, infrastructure, NCUA, PII, policy, procedure, regulation, regulations, regulations audit, risk assessment, risk assessments, Risk IT, risk management, risk rating, risk-based, risks, threats, vendor, Vendor Management, vendor risk, vendor risk assessment

There's a joke of sorts within my personal circle of family and friends regarding what it is that I do these days.  Ask me and I'll tell you that I'm a regulatory compliance expert who advises financial institutions on how to comply with the myriad rules and regulations governing information...

October 11, 2010  3:56 PM

Vendor management program efforts still fall (way) short



Posted by: David Schneier
assess, examination, examiner, GLBA, NCUA, periodic review, regulations, regulatory, Regulatory Compliance, risk, risk rating, third party management, third party oversight, vendor, Vendor Management, vendor risk rating

Early last week I downloaded some fresh content covering vendor management. It turned out that the new information wasn't really new; it's guidance that's been circulating in one form or another for years and tracks closely with guidance ripped from the pages of the Santa Fe Group/BITS Shared...

