On November 10, 2015, the FFIEC released a revised IT Management Handbook that outlines the principles for IT governance and explains how IT risk management relates to enterprise-wide risk management and governance. The handbook re-emphasizes that the Board of Directors is to set the tone and direction of the overall Information and Cyber Security Program, as well as executive management, IT steering committee, and information security officer responsibilities
Specifically, the Handbook stresses that the Board is to be actively engaged in asking questions and not just providing blanket approval. The revised Handbook also incorporates cybersecurity with approximately 53 references to the subject.
What We Will Cover:
Several key areas of the Handbook, including:
- Governance
- Roles and Responsibilities
- Strategic Planning
- Risk Management
- Identification
- Mitigation
- Third Party Management
- Monitoring and Reporting
Who Should Attend?
Information and Cyber Security Officers, Risk Managers, CEO, Auditor, Compliance Officer, IT Officers