IT Examiner School, Providence, RI

Management • Management has significant responsibilities in overseeing IT activities

– Poor oversight could cause reputational risk – Could result in significant impact to entity

• Statutes and Guidance – Establish best practices – Establish requirements

• IT findings usually occur because: – Management didn’t adequately perform their duties and responsibilities

Resources

Conference of State Supervisors (CSBS) www.csbs.org Federal Financial Institutions Examination Councilʹs (FFIEC) www.FFIEC.gov  Information Systems Audit and Control Association (ISACA) http://www.isaca.org/ Financial Services Information Sharing and Analysis Center (FS‐ISAC) www.fsisac.com  National Institute of Standards and Technology (NIST) www.nist.gov  Krebs on Security http://krebsonsecurity.com/ Bright Talk https://www.brighttalk.com/