WolfPAC Integrated Risk Management Blog

One Big Blindspot in Your Business Continuity Testing

You’ve been busy on your business continuity plan ("BCP"). You know how long it will take you to get your systems back up. Your alternate site is selected and ready to spring into action should the need arise. But what about everything that comes before? Do the people in your organization know what to do prior to the disaster declaration? Are you 100% certain they would know what to do and who’s responsible for what? Are you willing to bet the organization on it? If you can’t respond with a resounding yes then conducting a Tabletop Exercise could be the missing piece in your BCP Testing program.

... Read more
| Author Tracy Hall, tagged in Business Continuity, Business Continuity Planning, Disaster Recovery, Disaster Recovery Planning

How New York Cybersecurity Requirements are Changing

The New York Department of Financial Services (NYDFS) implemented Cybersecurity Requirements for Financial Services Companies with the goal of protecting New York financial service institutions and their customers from cyber-threats. This unprecedented rule covers entities who fall under the authority of the NYDFS, including banks, insurance companies and financial service institutions with limited exemptions based on employee and asset size. Although the rules are effective on March 1st, there is a transitional period ranging from 180 days to 2 years for the regulatory requirements.

... Read more
| Author Cynthia Boehmer, tagged in Cybersecurity, IT Risk Assessment

Don't Miss our Last IT Evolution Webinar!

Every month since December, we have hosted a webinar focused on giving our clients and prospects a ton of information about the changes happening to our Information Technology module. We have covered the common controls framework that manages how often you have to input a specific control that spans all technologies. We have showed off our contextual questionnaires that cut down the number of questions your team has to answer for each risk assessment, so they only have to fill out what's relevant to that technology. We've also showed you how to map your controls to your threats, to ensure that you identify any gaps you may currently have in your system, to quickly and easily remediate them.

... Read more
| Author Stephanie Vogel, tagged in Information Technology, IT Risk Assessment, IT Risk

Learn About Changing Risk in 2017

Every year, the American Bankers Association hosts their ABA Risk Management Conference, focused on the evolution of risk in the financial industry, and the methods used to help analyze and control them within your institution. This year promises to be no different, with over 30 strategic and practical sessions built into the three day conference to help parse through some of the biggest upcoming changes we are likely to encounter.

... Read more
| Author Stephanie Vogel, tagged in Enterprise Risk Management, ERM

Aligning Your ERM Governance and Risk Appetite Statement

Last month, the Western Independent Bankers (WIB) hosted the first in a three part Enterprise Risk Management webinar series with Randy Marsicano presenting on the Keys to an Effective ERM program. On February 15th, Drew Coveney, CIA and Internal Audit Supervisor for Wolf & Company will be presenting the second installment:

... Read more
| Author Stephanie Vogel, tagged in Enterprise Risk Management, Risk Appetite Statement, ERM, Risk Governance

Evolving the IT Risk Assessment

Last week, Bharat Nair and Manny Centeio hosted a webinar about the new evolution of the WolfPAC IT Risk Assessment module. During the webinar, Manny walked through many of the administrative functions that cover every IT assessment. Part of this demonstration showed you how to utilize the robust common control framework built into the system. This means that the controls implemented across every technology are only input once, and no longer have to be entered for each individual assessment.

... Read more
| Author Stephanie Vogel, tagged in Information Technology, IT Risk Assessment, IT Risk

New York Transaction Monitoring and Watch List Filtering Program Set to Take Effect

Starting on January 1st, New York chartered and regulated bank and nonbank institutions will be required to implement and maintain a Transaction Monitoring Program and a Watch List Filtering Program. The purpose of these programs will be to monitor and filter transactions for potential violations to the Bank Secrecy Act (BSA) or Anti-Money Laundering (AML) regulations. This will also work to prevent transactions with sanctions entities.

... Read more
| Author Cynthia Boehmer, tagged in BSA, Regulatory Compliance, Bank Secrecy Act

Subscribe To The WolfPAC Blog

Stay up to date with Enterprise Risk Management news, topics, and trends.