As the ISO, part of your responsibility is building and maintaining the Information Security Program (ISP). While an ISP has many important elements, there are 3 fundamental components: risk assessments, ISP policies and procedures, and audits.
The risk assessments will help you make decisions. The policies and procedures document the decisions for your institution to implement. And the audit verifies that those decisions have been properly implemented and are adequate controls to protect your institution.
What You’ll Learn
- FFIEC roles and responsibilities of the ISP
- Building a strong cybersecurity culture
- Board reporting
- Educational and certification paths
- Strong risk assessment methodology
- Creating your ISP with policies and procedures
Who Should Attend
This session is ideal for IT and IS professionals who need to understand the strategic makeup of their IT team.