CFT
Webinars are purely educational. Instructors are not permitted to sell any
products or services during the presentation.
Program Content:
Each of our regulators says this in a similar way: we must understand the security
controls of a third party “to the same extent” as we understand our own
internal controls. This is challenging, as some of our vendors share few
details about controls. Our industry currently relies heavily on the new
SSAE18 Audit Report and the Service Organization Control (SOC) 2 reports
provided by vendors. What are the differences between these two reports,
and which should we be requesting? And once we obtain them, how do we
understand the security controls to the “same extent” as our own?
We will explore the different types of SOC reports provided by vendors and
highlight the best items that should be requested from vendors. Each of
these reports serves a different purpose and will provide different value
to your institution. In addition to what reports to ask for, we will
explore them in detail to highlight what to look for and how to fill in the
gaps to ensure you understand security to the “same extent”.
Covered Topics:
- Third Party Management best practices
- Fourth Party Management assistance
- Updated Regulatory Expectations
- Existing Regulatory Review
- SSAE16 vs SSAE18 standard changes
- SOC1, SOC2, SOC3 Audits
- SOC Reports Type 1 and Type 2
- Other items useful in vendor reviews
- Detailed due diligence and contract questions
Who Should Attend?:
Information Security Officer, IT Manager, Risk Officer, Internal Auditor, CFO, and
Executives looking to understand the risk around Vendor Management. Please
forward email to appropriate person(s).
Instructor:
Jon Waldman is a co-founder and Senior Information Security Consultant for SBS
CyberSecurity, LLC, a premier cybersecurity consulting and audit firm
dedicated to making a positive impact on the banking and financial services
industry. He maintains his CISA and CRISC certifications and received his
Bachelor of Science in Computer Information Systems and his Master of
Science in Information Assurance with an emphasis in Banking and Finance
Security from Dakota State University. Over the last ten years Jon has
helped hundreds of financial institutions across the country create and
implement comprehensive, valuable, and manageable Information Security
Programs. He also conducts webinars and certification programs for the SBS
Institute.
What Is A Webinar?:
A
webinar combines the clarity of an audio teleconference with the
interactivity and visual presentation of the internet. All you need to
participate is a telephone and an internet connection. Even if you don't
have an internet connection, you can still participate in the audio
session. Listening to the program over the telephone and following the
written materials is an effective alternative!
Unable To Attend?:
No
problem. You can purchase a recording of the webinar for future use. You
can choose from either an On-Demand Web Link (Good for 6 months from the
webinar date, unlimited use) or a CD-ROM (includes a paper copy of the
PowerPoint slides).
Viewing Options (all options include applicable handouts):
All
options include applicable handouts. You can choose to pay by credit card
or be billed. Additional Live Webinar connections are $75 each.
Option 1: Live Webinar and 7 Days OnDemand Video Playback - $265
Option 2: OnDemand Video (six months access) - $295
Option 3: Live and 6 Months of OnDemand Video - $365
Option 4: CD-ROM Video (Includes OnDemand Video) - $345
Option 5: Entire Package (all of the above) - $395
Powered by Total Training Solutions!