12:00 pm – 1:30 pm PT
1:00 pm – 2:30 pm MT
2:00 pm – 3:30 pm CT
3:00 pm – 4:30 pm ET
Do you know the difference between a risk assessment, an IT audit, and an IT compliance assessment? These can mean different things, depending on the speaker and audience. This session will examine different types of risk assessments and IT audits that organizations frequently need and address the pros and cons of each. Attendees will receive practical recommendations and insights to improve their IT risk management program and IT risk assessments.
Continuing Education: Attendance verification for CE credits upon request
- Pros and cons of different types of IT risk assessments
- How to explain overlap with the FFIEC cybersecurity risk assessment guidance on an IT risk assessment
- Case study example of asset-based IT risk assessment
- Examples of IT risk assessment models from a variety of standards, governance, and compliance frames such as NIST, CIS, etc.
- Common risk mitigation strategies
- TAKE-AWAY TOOLKIT
- Sample IT risk assessment work program
- Sample standards document for IT risk assessments, IT audits, and IT penetration testing
- Employee training log
- Quiz you can administer to measure staff learning and a separate answer key
WHO SHOULD ATTEND?
This informative session is designed for those responsible for risk management, including internal auditors, IT operations, and executive management with oversight of the IT and cybersecurity operations.
NOTE: All materials are subject to copyright. Transmission, retransmission, or republishing of any webinar to other institutions or those not employed by your financial institution is prohibited. Print materials may be copied for eligible participants only.