Risk Assessment – Board & Management Oversight Risk ... - Bankers Online
Risk Assessment – Board & Management Oversight
Risk Description | Completely Implemented | Partially Implemented | Aware, But Not Implemented | No Awareness | Not Applicable | Risk Rating
Board Oversight
1 Has the Board approved the bank's written information security policy and program that comply with the GLB Act's Guidelines?
2 Does the Board oversee management's efforts to develop, implement, and maintain an effective information security program?
3 Has the Board approved the bank's written Internet Banking policy and/or policies that comply with the interagency guidelines?
4 Does the Board oversee management's efforts to develop, implement, and maintain an effective Internet Banking program?
Management Oversight
5 Has management developed, implemented, and maintained an effective information security program that complies with the GLB Act's Guidelines?
6 Does management evaluate the impact on the bank's security program of changing business arrangements, such as mergers and acquisitions, alliances and joint ventures, outsourcing arrangements, and changes to customer information systems?
7 Does management document its compliance with the Guidelines?
8 Does management report to the Board on the overall status of the information security program?
9 Does management make reports to the Board which include all material matters in five areas: (1) risk assessment; (2) risk management and control decisions; (3) results of testing; (4) attempted or actual security breaches or violations and responsive actions taken by management; and (5) any recommendations for improvements in the information security program?
10 Does management develop, implement, and maintain an effective Internet banking program that complies with the interagency requirements?
11 Has management conducted a thorough risk assessment for the categories and/or areas applicable to Internet banking service?
12 Has management developed internal policies and/or procedures to effectively maintain the risks identified?
13 Has management conducted and implemented appropriate measures for vendor outsourcing?
14 Based upon the risks identified through the assessment, has management established internal controls and purchased additional insurance coverage to mitigate the risks associated with Internet Banking?
15 Does management meet regularly to review outstanding issues and monitor progress on implemented controls?
16 Does management report to the Board on the overall status of the Internet Banking program?
17 Has management established appropriate response programs in the event of computer or other technological failure, including, where appropriate, reconstructing lost or damaged customer information (contingency/disaster recovery)?
18 Does management provide adequate training to all employees according to their job specifications?
19 Has management established regular documented testing of the key controls, systems, procedures, contingency and recovery plans?