
New FFIEC AIO Handbook - Regulatory Expectations

The new AIO Booklet was developed to reflect the changing technological environment and increasing need for security and resilience. This webinar will include an overview of the new booklet and examiner expectations for your architectural design, infrastructure, and operation of information technology systems.

OnDemand
Recorded Wednesday, August 25th, 2021
Presented by Susan Orr
2h total length
$279.00 or 1 Token

Includes: 30 Days OnDemand Playback, Presenter Materials and Handouts

  • Risk Management/Legal
  • Technology/Security
  • Internal Auditor
  • IT Professional
  • Risk Manager
  • Senior Management


The new Architecture, Infrastructure, and Operations Booklet was developed to reflect the changing technological environment and increasing need for security and resilience. This webinar will include an overview of the new booklet and examiner expectations for your architectural design, infrastructure, and operation of information technology systems. The AIO Booklet is designed to replace the former IT Operations Booklet that was originally released in July of 2004. As you are aware, there have been significant changes in information security over the years, so the Booklet was much in need of an update to reflect the current and emerging environment banks operate in. Regulatory expectations have steadily increased since 2004 due to the rapid changes in the threat landscape and the need for enhanced security and controls. Risk management is essential and key to ensuring the infrastructure is maintained at a level that meets the ever-challenging landscape. As the Booklet states, the functions of AIO comprise a variety of activities, such as network and application design within architecture; selection and placement of physical and virtual technologies within infrastructure; and configuration, deployment, and maintenance of the infrastructure that supports the business within operations. In this overview we will discuss the principles and practices the regulators will be reviewing to assess your AIO functions.

What You'll Learn

We will follow the flow of the new Booklet as we do an overview of:

  • Architecture, Infrastructure, and Operations Governance
    • Responsibilities
    • Policies, Standards, and Procedures
    • Audit
    • Communications
    • Reporting
  • Data Governance and Data Management
    • Data Identification and Classification
  • IT Asset Management
    • Inventories
    • End of Life
  • Diagrams/Topology
  • Managing Change
  • Remote Access
  • Personally Owned Devices
  • Communications
  • Physical Access and Environmental Controls
  • Operations
  • Cloud Computing

Who Should Attend

IT, Operations, Senior Management, IT auditors, Information Security Officers.


Susan Orr

Instructor Bio

Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.

As an auditor and consultant, Susan is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices. Her expertise as an auditor and former examiner provides her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and assist de novo institutions in the vendor selection process, preparing policies and procedures, and instituting controls. She also consults for numerous security providers and vendors helping them align products and services to meet institution regulatory mandates. Susan is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified Risk Professional (CRP).