Develop an Effective Vendor Management Program And Exceed Regulatory Expectations in the Process
Two hour tele-web seminar November 20, 2012
Vendor management is a hot topic for examinations today. It is a key element of your overall information security program and a requirement of numerous regulations and guidance.
This tele-web seminar will begin on Tuesday, November 20, 2012 at 11:30 AM to 1:30 PM Pacific Time.
When you outsource, you are placing your confidential customer information in someone else’s hands along with the control for the security of that information, but you still retain the responsibility for ensuring the integrity, confidentiality, and security of the information. While you need to trust your third parties, the trust can’t be blind. The due diligence process is imperative prior to entering into a relationship.
You need to establish rules and guidelines for a successful relationship and establish performance measurement criteria. Just as you run your business with best practices in mind, your outsourced partners should do the same. The outsourcing environment is also under going some changes with the arrival of “cloud computing”, which makes the due diligence process even more critical. But don’t forget about what happens after the contract is signed; due diligence is only part of the equation. Continuing to oversee and monitor that relationship and ensuring performance standards and security requirements are adhered to is also critical.
- Why you need a program
- Key elements of an effective program
- Risks of not having a comprehensive program
Compliance Officers, Internal Auditors, Risk Managers, IT and Operations Managers, any one charged with vendor oversight.
Susan Orr, CISA, CISM, CRP, CRISC, is an industry expert with vast regulatory, risk management, and security knowledge. During her 14-years as bank examiner, Susan held numerous lead positions including Regional IT Examination Specialist, Special Assistant to the Regional Director, and Special Assistant to the Vice Chairman of the FDIC. Susan was lead instructor for the FDIC’s technology school. She currently consults for security providers and performs IT security/regulatory reviews for financial institutions.
2.0 total credits
Member price: $250.00 | Non member price $500.00