|
 |
Does completion of the standard annual IT risk assessment make me compliant for the FFIEC Guidance?
By Elizabeth Hale, Director, Risk Management, CC Pace
Question: Does completion of the standard annual IT risk assessment make me compliant for the FFIEC Guidance, Authentication in an Internet Banking Environment?
Answer: No. This is a new assessment that will be audited differently. The standard IT Risk Assessments look at the system from the back-end, whereas the new FFIEC Guidance requires evaluating the risks from an internally facing vantage point. This means the assessment should be performed from the perspective of someone who has logged into your system, with a legitimate user name and password, to show what can be done with the information viewed or transactions that are available for use.
CC Pace Boilerplate
CC Pace is a financial services consulting firm whose clients include members of the Fortune 100, as well as industry entrants and mid-size firms. CC Pace provides the banking industry the information and services you need to stay competitive in your markets using the best and most secure risk management and mitigation technologies. For additional information please visit our website at www.ccpace.com, call us at 703-631-6600, or email us at info@ccpace.com.
First published on BankersOnline.com 11/06/06
Privacy Policy Disclaimer Recommend This Site ! Contact Us
BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.
|
|
|
Print Friendly!
Email This Article!
Discuss NOW!