Hey Guru!
I have heard a lot about GDPR recently, but I am not terribly
…Read the rest of the article
Ask the Guru: GDPR
Read the rest of the article
Read the rest of the article
Ask the Guru: A Prospective Vendor Either Won’t or Can’t Provide the Documentation We Need. What Should We Do?
Hey Guru!
We’re doing our due diligence on a new HR software package. We’ve requested
…Read the rest of the article
Ask the Guru: How Can I Best Determine My Cyber Risk Profile?
Hey Guru!
We just completed the Cybersecurity Assessment, so now we have our current risk
…Read the rest of the article
Ask the Guru: “The Cybersecurity Assessment Tool… Do we have to?”
Hey Guru!
Management is asking why we have to complete the FFIEC Cybersecurity Assessment Tool
…Read the rest of the article
Ask the Guru: Cybersecurity “Risk Appetite”
Hey Guru
I saw multiple references to the term “risk appetite” in the FFIEC Cybersecurity
Read the rest of the article
Ask the Guru: The Vendor Report of Examination (ROE)
Hey Guru
Where in the handbook does it state the Bank should request exam reports
Read the rest of the article
Ask the Guru: The IT Audit “Scope”
Hey Guru
Our examiner is asking about the “scope” of our IT audits. What is
Read the rest of the article
Ask the Guru: Vendor vs. Service Provider
Hey Guru
I recently had an FDIC examiner tell me that we needed to make
Read the rest of the article