IT Examiner School

Board Oversight & Involvement • Establishment of policies, standards, and procedures

• Annual review/approval • Allocation of resources • Informed on security breaches & response • Accountability

Annual Board Reporting

 Risk assessment  Risk management & control  Service provider agreements  Results of testing  Security breaches & response  Status of ID theft/red flags program  Recommendations for changes to Information Security Program

66