-
5 “random” facts
Fact 1 – According to the U.S. Bureau of Labor Statistics, the increasing complexity of financial regulations will spur employment growth of financial examiners. In fact it is expected to experience the third largest growth of all career paths through 2018: Fact 2 – According to Rep. Shelly Moore Capito (R-W.Va.), author of H.R. 3461,…
-
CFPB Examinations Are Coming – UPDATE 2
Coming soon to your financial institution: Dear Board of Directors: Pursuant to the authority of the Dodd-Frank Wall Street Reform… Read the rest of the article
-
Risk Managing BYOD (bring your own device)
Thanks in part to social media, users today often don’t differentiate between work and non-work activities, and they certainly don’t want to have to carry multiple work/non-work devices to keep them connected. As a result, new multi-function, multi-purpose mobile devices are constantly being added to your secure financial institution network…and often in violation of your…
-
“Data-flow diagrams”
This request was seen in a recent State examiners pre-examination questionnaire, and although I usually like to see a request a couple of times from different examiners before identifying it as a legitimate trend, this one could prove so potentially problematic that I thought I needed to get ahead of it. Before we go much…
-
The single most important vendor management control
Pop quiz…according to the FFIEC Handbook on Outsourcing Technology Services… “The ________ is the single most important control in the outsourcing process”: Initial due diligence process Review of third-party audit reports Contract Risk Assessment Vendor’s financial stability I’ve written before about the importance of the third-party review in the ongoing vendor management process (and how…
-
NIST releases new Cloud Computing Guidelines
Although not specific to the financial industry, the new guidelines provide a comprehensive overview of the privacy and security challenges of this increasingly popular computing model. It’s worth a look by both financial institutions considering cloud-based services, as well as service providers, because NIST guidelines often wind up as the basis for new or updated…
