In September 2016, the FFEIC completely rewrote the Information Security Handbook. The Handbook represents an integration of concepts from Cybersecurity Guidance, Management Guidance, and other elements released in the past 10 years. The FFIEC Information Security Handbook is the most comprehensive resource from the FFIEC on constructing an adequate Information Security Program.
The Handbook focuses on the governance, culture, and responsibilities to make Information Security Programs successful. The creation of these programs is based on risk assessment processes that assist the institution in making control decisions; these decisions are then documented in policies, standards, and procedures.
The last component of a successful program is to ensure that the controls are effectively implemented with assurance, testing, and auditing processes.
Topics Will Include:
- Governance of the Information Security Program
- Information Security Program Management
- Security Operations
- Information Security Program Effectiveness
- Recurring requirements listed in the FFIEC Booklet
Who Should Attend?
Information Security Officer, IT Manager, Risk Officer, Internal Auditor, Board members, or other management team members looking to understand the new FFIEC requirements and expectations.
Instructor
Jon Waldman is a co-founder and Senior Information Security Consultant for SBS CyberSecurity, LLC, a premier cybersecurity consulting and audit firm dedicated to making a positive impact on the banking and financial services industry.
He maintains his CISA and CRISC certifications and received his Bachelor of Science in Computer Information Systems and his Master of Science in Information Assurance with an emphasis in Banking and Finance Security from Dakota State University.
Over the last ten years Jon has helped hundreds of financial institutions across the country create and implement comprehensive, valuable, and manageable Information Security Programs. He also conducts webinars and certification programs for the SBS Institute.