Compass IT Compliance Blog / Risk Management (5)

FFIEC Guidance: Revision vs. Update

by Geoff Yeagley on December 8, 2015 at 10:00 AM

FFIEC Guidance: Revision vs. Update

When it comes to technology, we hear of terms that are often times confused and interchanged. Some examples of these terms might include Vulnerability Scanning and Penetration Testing. Another example might be the age old debate of Risk Assessment versus Audit. While seemingly similar …

Read Story

Topics: Vendor Management Compliance Security IT Audit Risk Management

IT Security Best Practices: Segregation of Duties

by Geoff Yeagley on December 4, 2015 at 11:35 AM

A group of five business professionals celebrate

We hear the phrase “Segregation of Duties” talked about quite a bit when we talk about IT Security. One reason as to why this is such a talked about and ultimately important topic has to do with the fact that the risks associated with Segregation of Duties often go unnoticed until the …

Read Story

Topics: Compliance Security IT Audit Information Security Risk Management

FFIEC Guidance: Significant Changes to the Management Booklet

by Geoff Yeagley on November 18, 2015 at 10:00 AM

FFIEC Guidance: Significant Changes to the Management Booklet

On November 10th, the Federal Financial Institutions Examination Council (FFIEC) issued a revised Management booklet which is a part of the IT Examination Handbook. This is considered a major revision of the booklet and the first one to take place since 2004. As just a quick overview, …

Read Story

Topics: Compliance Security IT Audit Risk Management
1 2 3 4 5

See all

See all

Subscribe by email