While an ISP has many important elements, there are really 3 basic components: Risk Assessment, ISP Policies and Procedures, and Audit. The Risk Assessment will help you make decisions, the Policies and Procedures document the decisions for your institution to implement, and audit verifies that they have been completed and are adequate controls to protect your institution.
What You’ll Learn
- FFIEC Roles and Responsibilities of the ISP
- Building a strong Cybersecurity Culture
- Board Reporting
- Educational and Certification Paths
- Strong Risk Assessment Methodology
- Creating your ISP with Policies and Procedures
Who Should Attend
Information Security Officer, IT Manager, Risk Officer, Internal Auditor, and Executives looking to improve their Information Security Program.