Recorded: September 10, 2015
Length: 60 Minutes
The value that third-party service providers (TSPs) bring can quickly be eroded by the associated cyber risks, and the FFIEC expects that TSPs be subject to the same risk management, security, privacy, and other requirements as if the financial institution were conducting the activities in-house. Regulatory expectations related to cyber resilience, as well as the additional complexity inherent in using multiple TSPs, require more diligence by financial institution management.
In this three-part series, you'll learn how to effectively manage TSPs, reduce cyber risk, and ensure compliance with a variety of regulations, including the new Appendix J of the BCP Service Booklet.
In Part One, Navigating Vendor Management, we'll cover the different regulations and updates, and how they all map together to ensure that TSPs are properly governed.
- How is Cloud Computing examined?
- What are the differences/similarities between SSAE 16 and SOC 2 reports?
- How does the new Appendix J of the BCP Services Booklet address vendor management and cyber security?
- What you need to ensure when your TSP subcontracts to another vendor.
- Understanding your responsibilities when using a Managed Security Service Provider (MSSP).
Speaker: Karen Livingstone, InfoSight, Inc.
Karen is a contemplative and passionate executive with 20+ years' experience in providing risk management, audit, and regulatory compliance services. Karen has helped numerous financial service organizations design and implement cost-effective risk management and compliance programs and solutions. She has extensive experience in the IT assurance profession and understands audit and examination requirements.
Karen's knowledge of financial regulations is comprehensive. She has practical experience in helping financial institutions comply with the various aspects of FFIEC, OCC, FDIC and NACHA regulations impacting controls and processes related to the integrity and security of IT systems, processes, and people. Karen also has expertise with other best practice guidelines and frameworks provided by NIST, ISO, COSO and COBIT.
Karen holds designations as a CPA, CISA, CIA, CRMA, and AMLCA, is an alumna of Florida Atlantic University, and has presented various topics for organizations operating in diverse industries. She was a visiting professor for the University of South Florida and is an active volunteer in her community.
1 CPE Credit
Program Level: Basic-Intermediate
For more information, call 800-422-7285.