by Zach Duke | Jan 24, 2025 | Information Security, Community Banking, Cybersecurity, IT, IT Security, Risk Management
In the world of cybersecurity and third-party risk management, spreadsheets have become a popular tool. Institutions often use them for tasks such as tracking exceptions from audits, managing access rights, and conducting risk assessments. Despite their frequency of...
by Zach Duke | Dec 17, 2024 | Access Mangement, Community Banking, Cybersecurity, FDICIA, FFIEC, Information Security, IT, User Access
For financial institutions subject to FDICIA, the Federal Deposit Insurance Corporation Improvement Act, the annual management attestation is a critical declaration of compliance. It signifies that the institution’s internal controls over financial reporting (ICFR)...
by Zach Duke | Nov 7, 2024 | Risk Management, Community Banking, Cybersecurity, IT, IT Security, Uncategorized, User Access
As highlighted in a recent article from the Federal Reserve, managing third-party relationships and the access associated with those relationships is a critical component of Third-Party Risk Management (TPRM). The associated access third party vendors have to banking...
by Beth Sumner | Oct 30, 2024 | User Access, Community Banking, Cybersecurity, FFIEC, IT
With all eyes focused on AI regulations and the sunset of the Cybersecurity Assessment Tool (CAT), the recently released FFIEC Development, Acquisition, and Maintenance (DA&M) has almost slid under the radar. However, this new booklet is a complete rewrite...
by Zach Duke | Oct 10, 2024 | User Access, Community Banking, Cybersecurity, Data Access Governance, FFIEC, Governance, Information Security Governance, IT
The FFIEC has updated their expectations for access management with the Authentication and Access to Financial Institution Services and Systems Guidance. This guidance expands beyond traditional customer authentication and places a significant emphasis on...
by Zach Duke | Sep 26, 2024 | User Access Reporting, Community Banking, Cybersecurity
Managing access to banking systems has become increasingly complex as financial institutions navigate legacy reporting systems, API access, and cloud solutions. These challenges, along with the risks posed by unmanaged systems, emphasize the need for maintaining a...
