-
“Concentration of duties”
It is not unusual for a community financial institution with limited personnel to have the Information Security Officer (ISO) act as a backup network administrator. In fact, this is a relatively common practice in an environment where key personnel will typically wear several hats. And there are practical reasons for this; the ISO is typically…
-
FDIC issues new FIL…
…and pretty much confirms what most of us already knew; regulatory scrutiny has increased across the board. FIL-13-2011 entitled “Reminder on FDIC Examination Findings” was just released March 1st, and in spite of the title, is not so much a reminder but a response. Here is the one-line summary: “Recently, the FDIC has received some…
-
Top 5 Compliance Trends for 2011 – Part 4
According to the FFIEC IT Examination Management Handbook, many institutions choose to delegate responsibility for monitoring IT activities to an IT Steering Committee. I also addressed this here. One of the most important roles of the IT Steering Committee is to ensure that the IT strategy is aligned with the overall business strategy. And the…