Compliance Guru • FFIEC Guidance

By Tom Hinkel  |  In From the Field

“Concentration of duties”

It is not unusual for a community financial institution with limited personnel to have the Information Security Officer (ISO) act as a backup network administrator.  In fact, this is a relatively common practice in an environment where key personnel will typically wear several hats.  And there are practical reasons for this; the ISO is typically […]

Read Post 0
By Tom Hinkel  |  In Hot Topics

The Pendulum Swings in 2011?

I’ll be posting my list of audit and examination trends for 2011 soon, but this article by me on a similar topic was just published in Bank Technology News.

Read Post 0
By Tom Hinkel  |  In From the Field

The IT Steering Committee – Should or Must?

At a recent user group meeting of one of the major core vendors for community banks, I asked the question ‘how many of you use an IT or Tech Steering Committee?’.  I was expecting a vast majority of hands to go up, but only about half did.  This was surprising to me, given that: The […]

Read Post 4
By Tom Hinkel  |  In From the Field

The 5 trickiest FDIC IT examination questions (part 5).

In my last post, I asked you to weigh in on what question you wanted me to address in this final post of the series.  This one came from a bank that was in the process of actually filling out the questionnaire, and it’s a good one.  It’s found in the Vendor Management section: “Has […]

Read Post 1
By Tom Hinkel  |  In From the Field

The 5 trickiest FDIC IT examination questions (part 4).

Last time in Part 3 we discussed (at some length) the FDIC IT Exam question “Are project management techniques and system development life cycle processes used to guide efforts at acquiring and implementing technology (Y/N)?”.  This time, we address a question from the Part 3 – Audit/Independent Review Program section titled: “Are the results of […]

Read Post 1
By Tom Hinkel  |  In From the Field

The 5 trickiest FDIC IT examination questions (part 3).

Last time in Part 2 we tackled “Does the bank’s strategic planning process incorporate information security (Y/N)?” from the FDIC IT Examination…

Read Post 1
By Tom Hinkel  |  In From the Field

The 5 trickiest FDIC IT examination questions (part 2).

Last time we addressed a question from the FDIC IT Examination Questionnaire, found in PART 2, OPERATIONS SECURITY AND RISK MANAGEMENT…

Read Post 1
By Tom Hinkel  |  In From the Field

The 5 trickiest FDIC IT examination questions (part 1).

…and how to answer them.  Actually, answering them is the easy part; they all require a “Y”.  Documenting the basis for your answer is a bit harder.  Because each question really requires its own discussion, I will address each one in separate posts.  Also, the questionnaire I will be referring to is the newer 12/07 […]

Read Post 1

Copyright ©2021 Compliance Guru®.
All Rights Reserved.
