Being the Information Security Officer for a financial institution is a big responsibility in today’s world of cyber threats and data breaches. This webinar is for those who are new to the role or have been the ISO for some time but want to review what is expected and how to be successful. As the ISO, part of your responsibility is building and maintaining the Information Security Program. While it has many important elements, there are really 3 basic components: Risk Assessment, ISP Policies and Procedures, and Audit. The Risk Assessment will help you make decisions, the Policies and Procedures document the decisions for your institution to implement, and audit verifies that they have been completed and are adequate controls to protect your institution.
Building a strong Information Security Program is a fundamental component to a successful ISO. We will review various regulatory guidance that outlines ISO responsibilities and reporting structures. Additionally, various educational paths that can help develop your skills in the future.
What You Will Learn
- FFIEC Roles and Responsibilities of the ISP
- Building a Strong Cybersecurity Culture
- Board Reporting
- Educational and Certification Paths
- Strong Risk Assessment Methodology
- Creating your ISP with Policies and Procedures
Who Should Attend?
Information Security Officer, IT Manager, Risk Officer, Internal Auditor, Board members, or other management team members looking to more clearly define the roles of an Information Security Officer to better enable success.