Cyber & IT Supervisory Forum - November 2023

Internal Use Only

Agenda

Risk assessment requirements
Key concepts and examples
• Risk assessment
• Risk-based audit planning


GLBA Details

Base your information security program on a risk assessment that identifies reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information … and assesses the sufficiency of any safeguards in place to control these risks.
