Performing a thorough enterprise-wide risk assessment is essential to ensure compliance with regulatory mandates and guidance, like section 501 (b) of GLBA, AML/BSA, BCP, and stronger authentication. A risk assessment is also fundamental to developing an audit program and imperative for developing a strong security program.
A review of the institution's risk assessment is a key element of FFIEC IT examinations and IT audits. Examiners will not only review the outcome of your risk assessment, but will want to see documentation to support the process you used and the reports provided to the board.
This workshop will focus on the risk assessment process for a community bank, including a sample matrix that can be adapted for your institution.