The FFIEC just issued new BCP Guidance in the form of a 16 page addendum
…Read the rest of the article
FFIEC Issues Update to Business Continuity Guidance
Read the rest of the article
Read the rest of the article
Vendor Management in 3 Parts. Part 3 – Risk Management (or, “can we or can’t we?”)
The last step in the vendor management process is to manage, or control, the risk
…Read the rest of the article
Vendor Management in 3 Parts. Part 2 – Risk Assessment (or, “will they or won’t they?”)
In Part 1 I said that vendor management, just as any other risk management endeavor,
…Read the rest of the article
Guru Briefs – OCC on Cybersecurity & MRA’s, FFIEC on Cybersecurity Assessments
(NOTE: Guru Briefs are short takes on recently released regulatory activity. They are not a
…Read the rest of the article
Vendor Management in 3 Parts. Part 1 – Risk Identification (or, “do they or don’t they?”)
Service provider oversight (aka vendor management) is undoubtedly the hottest hot-button item on the regulator’s
…Read the rest of the article
Cybersecurity – Part 2
In Part 1 I discussed the increasing regulatory focus on cybersecurity, and what to expect
…Read the rest of the article
Cybersecurity – Part 1
Cybersecurity has gotten a lot of attention from regulators lately, and with assessments already underway
…Read the rest of the article
Ask the Guru: The Vendor Report of Examination (ROE)
Hey Guru
Where in the handbook does it state the Bank should request exam reports
Read the rest of the article
FDIC Re-issues Service Provider Guidance
Originally released in 2001, the FDIC recently re-issued 3 publications related to managing outsourced relationships:
…Read the rest of the article
FFIEC Issues Final Social Media Guidance…and Challenges Remain (UPDATE)
UPDATE 1/22/2014 – Compliance Framework Checklist added (scroll down)
Originally proposed back in January 2013,
…Read the rest of the article