Recorded: September 24, 2015
Length: 60 Minutes
The value that third-party service providers (TSPs) bring can quickly be eroded by the associated cyber risks, and the FFIEC expects TSPs to be subject to the same risk management, security, privacy, and other requirements as if the financial institution were conducting the activities in-house. Regulatory expectations related to cyber resilience, as well as the additional complexity inherent in using multiple TSPs, require more diligence by financial institution management.
In this three-part series, you'll learn how to effectively manage TSPs, reduce cyber risk, and ensure compliance with a variety of regulations, including the new Appendix J of the BCP Service Booklet.
Changes in regulations for vendor management have resulted in new monitoring requirements. In Part Three, we'll delve deeply into advanced techniques for monitoring vendors and what constitutes an effective monitoring program.
- How do the recent and upcoming changes in regulations affect my vendor management program?
- How do I address my vendor's VM program?
- What monitoring changes are required for SLAs?
- What assistive tools are available?
- How do I review SOC reports?
Speaker: Karen Livingstone, InfoSight, Inc.
Karen is a contemplative and passionate executive with 20+ years' experience in providing risk management, audit, and regulatory compliance services. Karen has helped numerous financial service organizations design and implement cost-effective risk management and compliance programs and solutions. She has extensive experience in the IT assurance profession and understands audit and examination requirements.
Karen's knowledge of financial regulations is comprehensive. She has practical experience in helping financial institutions comply with the various aspects of FFIEC, OCC, FDIC and NACHA regulations impacting controls and processes related to the integrity and security of IT systems, processes, and people. Karen also has expertise with other best practice guidelines and frameworks provided by NIST, ISO, COSO and COBIT.
Karen holds designations as a CPA, CISA, CIA, CRMA, and AMLCA, is an alumna of Florida Atlantic University, and has presented various topics for organizations operating in diverse industries. She was a visiting professor for the University of South Florida and is an active volunteer in her community.