Presenter: Chad Knutson, SBS CyberSecurity, LLC
|This 60-minute program will be presented live on:||June 6, 2:00 p.m., Central Time|
|Recording available through:||September 6, 2019|
Vendor management is the most time-consuming component of your information security program. Reviewing the documents collected from vendors can take hours, but sometimes collecting the resources you need to conduct a review consumes even more of your time. With existing relationships, when you can’t get what you ask for, you might turn to the contract. The FDIC is warning institutions that they have observed in recent exams that contracts do not give institutions the right to request certain documentation nor do they clearly state that vendors will have certain critical controls in place. The major areas of concern they reference include Incident Response and Business Continuity.
The FDIC is putting institutions on notice that contracts need to be more closely managed in the vendor selection and vendor management process. If certain contract stipulations are not identified, then institutions need to implement compensating controls to address the risk. Institutions and their Boards of Directors are ultimately responsible for the protection of customer information and this clearly includes data shared with third parties. During this hot topic webinar, we will review the following:
- Vendor Management Process
- FDIC FIL 19-2019 Requirements
- Needed Contract Statements
Target Audience: Information Security Officer, Vendor Manager, IT Manager, Risk Officer, Internal Auditor, and Executives looking to understand the risk of vendor relationships.
This program qualifies for the following CPE Credits through the SBS Institute: S 1 CPEs*: CBSM, CBSE, CBVM
ISC2*: Estimated 1 hrs. CISSP. ISACA*: Estimated 1hrs. CISA/CISM/CRISC. *Self-Reporting
Your cart is empty