Date: October 18, 2019
Time: 10:00 - 11:30 AM CT
SBS Instructor: Jeff Spann
This webinar is presented in partnership with GSB.
FFIEC guidance has provided additional risk management expectations for financial institutions to implement. An essential component to building a successful risk management program is a solid risk assessment process. Our challenge has been to interpret the guidance into a functional assessment that the institution can effectively implement. The risk assessment must assist in making risk-based decisions and improve the strength of the Information Security Program. Guidance is clear that the risk assessment process must identify and measure inherent risks in various areas of the institution. Then account for the current controls used to appropriately manage risk. Current levels of risk must be compared against established risk appetite goals, to determine if additional controls are necessary. This risk assessment process is useful not only for conducting an organization-wide assessment for cybersecurity, but for many other aspects of information security risks.
This session will explore these regulatory resources and identify specific areas of the institution that must be assessed. Example processes will be used during the discussion to illustrate the fundamental process needed for each risk assessment type. To effectively address the growing threat concerns to our institution, we will review these 5 critical risk assessment areas:
- Cybersecurity Risk Assessment
- IT Risk Assessment
- Vendor Risk Assessment
- Commercial Account Risk Assessment
- BIA (BCP) Risk Assessment
Target Audience: Information security officer, IT manager, risk officer, internal auditor, and executives looking to improve processes for risk assessment.
This program qualifies for the following CPE Credits through the SBS Institute: 1.5 CPEs*: CBSM, CBSTP, CBIH
ISC2*: Estimated 1.5 hrs. CISSP. ISACA*: Estimated 1.5 hrs. CISA/CISM/CRISC. *Self-Reporting
Hacker Hour webinars are a series of free webinars hosted by SBS CyberSecurity. Unlike paid webinars, Hacker Hours are aimed to meet on a monthly basis to discuss cybersecurity issues and trends in an open format. Attendees are encouraged to join the conversation and get their questions answered. SBS will also offer products and services to help financial institutions with these specific issues.