|  In

BYOD Redux – The Policy Solution (Part 2)

In the previous post, I suggested that because mobile devices (smart phones and PDA’s) were not that functionally different in how they process, transmit, and store information than other mobile computing devices like laptops, a separate policy wasn’t necessary.  Since data security, confidentiality and integrity concerns were the same as other devices, you should be […]

 |  In

BYOD Redux – The Policy Dilemma (Part 1)

Employee-owned mobile devices are everywhere, and they’re being used for everything from email to document storage and editing.  Proper risk management procedures are defined in your policies, but do you need a separate mobile device policy, or can you simply mention them in the same policy sections that address other portable devices?  Or is there […]

 |  In

Risk Managing Social Media – 4 Challenges

Twitter, LinkedIn, Facebook, Google+…the decision to establish an on-line presence is a very popular topic these days, and it is extremely easy to do, but effectively managing social media risk can be frustratingly complicated.  In many ways. it just doesn’t lend itself to traditional risk management techniques, so the standard pre-entry justification process is much […]

 |  In

FDIC issues new FIL…

…and pretty much confirms what most of us already knew; regulatory scrutiny has increased across the board.  FIL-13-2011 entitled “Reminder on FDIC Examination Findings” was just released March 1st, and in spite of the title,  is not so much a reminder but a response.  Here is the one-line summary: “Recently, the FDIC has received some […]

 |  In

Top 5 Compliance Trends for 2011 – Part 4

According to the FFIEC IT Examination Management Handbook, many institutions choose to delegate responsibility for monitoring IT activities to an IT Steering Committee.  I also addressed this here.  One of the most important roles of the IT Steering Committee is to ensure that the IT strategy is aligned with the overall business strategy.  And the […]

 |  In

New FDIC Survey Results and Third-Party Providers

The new FDIC Supervisory Insights Winter 2010 newsletter addresses several issues of interest to bankers, including Trust Preferred Securities, Managing Agricultural Credit, and Senior Life Settlements.  But there was also a section that analyzed the results of a survey that was conducted by FDIC examiners over the past year.   The more than 2,100 responses […]

 |  In

5 Key Elements of Risk Management

As a financial institution, it sometimes seems that everything you do requires a risk assessment.  Information security, disaster recovery, ID theft, remote deposit capture, outsourcing, in fact the term “risk assessment” appears 215 times in the FFIEC IT Examination Handbooks.  But a risk assessment is only one step of a five step risk management process…and […]

Stay up to date with these pandemic resources for community banking.See COVID-19 Resources
+
The Compliance Guru Pictogram
 |  In

BYOD Redux – The Policy Solution (Part 2)

In the previous post, I suggested that because mobile devices (smart phones and PDA’s) were not that functionally different in how they process, transmit, and store information than other mobile computing devices like laptops, a separate policy wasn’t necessary.  Since data security, confidentiality and integrity concerns were the same as other devices, you should be […]

 |  In

BYOD Redux – The Policy Dilemma (Part 1)

Employee-owned mobile devices are everywhere, and they’re being used for everything from email to document storage and editing.  Proper risk management procedures are defined in your policies, but do you need a separate mobile device policy, or can you simply mention them in the same policy sections that address other portable devices?  Or is there […]

 |  In

Risk Managing Social Media – 4 Challenges

Twitter, LinkedIn, Facebook, Google+…the decision to establish an on-line presence is a very popular topic these days, and it is extremely easy to do, but effectively managing social media risk can be frustratingly complicated.  In many ways. it just doesn’t lend itself to traditional risk management techniques, so the standard pre-entry justification process is much […]

 |  In

FDIC issues new FIL…

…and pretty much confirms what most of us already knew; regulatory scrutiny has increased across the board.  FIL-13-2011 entitled “Reminder on FDIC Examination Findings” was just released March 1st, and in spite of the title,  is not so much a reminder but a response.  Here is the one-line summary: “Recently, the FDIC has received some […]

 |  In

Top 5 Compliance Trends for 2011 – Part 4

According to the FFIEC IT Examination Management Handbook, many institutions choose to delegate responsibility for monitoring IT activities to an IT Steering Committee.  I also addressed this here.  One of the most important roles of the IT Steering Committee is to ensure that the IT strategy is aligned with the overall business strategy.  And the […]

 |  In

New FDIC Survey Results and Third-Party Providers

The new FDIC Supervisory Insights Winter 2010 newsletter addresses several issues of interest to bankers, including Trust Preferred Securities, Managing Agricultural Credit, and Senior Life Settlements.  But there was also a section that analyzed the results of a survey that was conducted by FDIC examiners over the past year.   The more than 2,100 responses […]

 |  In

5 Key Elements of Risk Management

As a financial institution, it sometimes seems that everything you do requires a risk assessment.  Information security, disaster recovery, ID theft, remote deposit capture, outsourcing, in fact the term “risk assessment” appears 215 times in the FFIEC IT Examination Handbooks.  But a risk assessment is only one step of a five step risk management process…and […]