(ON DEMAND) Director Series: What the Board Needs to Know to Manage IT

Email to Order the Recording + Free Digital Download

How much trouble would your institution be in if its computer systems could not be used for three days? Today’s financial institutions are tremendously dependent on their information systems – in fact they can’t live without them. Proper supervision, governance, and oversight are critical to the success of the bank.

This webinar will explore the directors’ role in providing governance and supervision related to IT management. It will address the necessary frequency and depth of risk assessments; how to structure a standards-based change management process; the core elements of a vulnerability monitoring and management program; and oversight of the incident response program.

HIGHLIGHTS
Review of the FFIEC’s updated guidance for IT risk management (ITRM) including risk identification and management
Change-management and exception-management processes:
System and software development life cycle
Vulnerability management
How to balance the institution’s needs within the constraints of vendor/service provider management

TAKE-AWAY TOOLKIT
Sample policies for vulnerability management
Sample table top exercise for testing your institution’s cyber-incident-response program
Employee training log
Quiz you can administer to measure staff learning and a separate answer key

Attendance verification for CE credits provided upon request.

WHO SHOULD ATTEND? Board members, CEOs, staff responsible for management and oversight of internal audit, IT audit, risk management, and operational management.

ABOUT THE PRESENTER – Randy Romes, CISSP, CRISC, MCP, CliftonLarsonAllen LLP, has been a consultant since 1999 and brings a strong background in computer technology, physics, and education. As a Principal in the Information Security Services Group, Randy leads a team of technology and industry specialists and is responsible for the continuing development of the open-source, Unix, and Windows applications used in security audits. Randy has been involved in developing numerous leading-edge hacking/testing methods and security service offerings. A featured speaker at national information and security management conferences, Randy holds multiple certifications, a Master’s in Educational Technology from the University of Saint Thomas, and a Bachelor’s in Education from the University of Wisconsin – Madison. In addition, he is an instructor at the Graduate School of Banking at the University of Colorado in Boulder.