While an ISP has many important elements, there are really 3 basic components: Risk Assessment, ISP Policies and Procedures, and Audit. The Risk Assessment will help you make decisions, the Policies and Procedures document the decisions for your institution to implement, and audit verifies that they have been completed and are adequate controls to protect your institution.
What You’ll Learn
FFIEC Roles and Responsibilities of the ISP
Building a strong Cybersecurity Culture
Board Reporting
Educational and Certification Paths
Strong Risk Assessment Methodology
Creating your ISP with Policies and Procedures
Who Should Attend
Information Security Officer, IT Manager, Risk Officer, Internal Auditor, and Executives looking to improve their Information Security Program.