Presented by:
Susan Orr
More than one regulation mandates that financial institutions ensure the security, confidentiality and integrity of information assets. GLBA is only the first. Since GLBA there have been other regulations and guidance that have stressed the need for protecting information assets. The rules don't all come from the federal banking regulators, either. We now have state data protection laws, and the Payment Card Industry has issued data security requirements for merchants and service providers that also mandate an information security program. A security program and the protection of critical assets cover both physical security and electronic or logical security.
Regardless of who issues the mandate, examiners are focused on financial institution compliance and on consumer interest. The consequences of noncompliance are numerous and include regulatory fines and enforcement actions, loss or modification of critical business data, disruption of services, and compromise of proprietary business plans or processes.
Will the examiners find your program inadequate? Will there be a data compromise event on your watch?
Questions we will address in this session:
What are the regulations and rules that address data security?
What is a security program and where do you start?
What are the elements of a security program?
What controls do you need?
Whose responsibility is the program?
What are the risks of not having an appropriate security program or of noncompliance with the rules?
Who Should Attend?
Senior management, audit, compliance, risk management, security officers, operations, information security officers, IT, or anyone responsible for developing the program or its security controls, overseeing or implementing the program, or providing security training.
About the Speaker:
Susan Orr is president of Susan Orr Consulting, an IT regulatory compliance consulting and audit firm for the financial services industry. Susan is a former FDIC bank examiner with over 18 years of examination, auditing, and risk management experience, and holds the Certified Information Systems Auditor, Certified Information Security Manager, and Certified Risk Professional designations. In addition to performing IT audit and consulting, she is a frequent speaker at financial institution conferences and has presented hundreds of seminars and webinars across the U.S.
This product was added to our catalog on Thursday 26 March, 2009.