BOL Conferences
#1220352 - 07/22/09 01:31 PM ISO reporting to IT Manager
rhspalding Offline
Junior Member
Joined: Jun 2008
Posts: 34
According to the FFIEC IT Handbook, the information security officer should report directly to the board or senior management rather than through the IT Dept. Our ISO reports to the CIO, who is the IT Manager. Unfortunately, no one in senior management understands the ISO's job duties, and they do not feel that they could properly supervise him/her. How are the reporting duties of the ISO structured at other banks? Any information/ideas are greatly appreciated!
Last edited by rhspalding; 07/22/09 05:16 PM.
#1221556 - 07/23/09 07:21 PM Re: ISO reporting to IT Manager rhspalding
ITGuy Offline
Gold Star
Joined: May 2004
Posts: 352
Alabama
I am the IT Officer as well as the ISO. I asked the regulators if this was a conflict, and they said that it is not. In my role as ISO, I report directly to the board.
_________________________
"Work like you don't need the money, love like you've never been hurt, and dance like no one is watching!"


#1223408 - 07/28/09 04:27 PM Re: ISO reporting to IT Manager ITGuy
Tryin-2-Comply Offline
100 Club
Joined: Apr 2003
Posts: 202
Hills of TN
Our ISO reports to the security officer, who then reports to the board.


Moderator:  Andy_Z