As financial institutions, you’re required to perform numerous risk assessments throughout the Information Security Program lifecycle: IT, Vendor, Business Process (BIA), and Cybersecurity risk assessments. Each serve a different function and goal, but one thing remains constant – if your risk assessment isn’t helping you to make decisions, it’s not a good risk assessment.
So how do you build a risk assessment that helps you to make better decisions? Let’s discuss.
Covered Topics
- Regulatory Requirements of ISP Risk Assessments
- Differences in the different types or Risk Assessments
- A framework for valuable risk assessments
- Make decisions from your IT Risk Assessment
- Make decisions from your Vendor Risk Assessment
- Make decisions from your Business Process Risk Assessment (BIA)
- Make decisions from your Cybersecurity Risk Assessment
- How do these risk assessments work together?
Who Should Attend?
Information Security Officer, IT Manager, Risk Officer, Internal Auditor, Board members, or other management team members looking for a solid understanding of the assessment process and how it drives improvements.