Cloud computing is a technological advancement that can be advantageous to credit unions because of potential benefits such as: cost reduction, flexibility,

Slides:

Advertisements

Similar presentations

Infrastructure Services. Introducing Al-Futtaim Technologies One of the regions leading System Integrators Strong partnerships with leading global ICT.

Advertisements

Managing Outsourced Service Providers By: Philip Romero, CISSP, CISA.

Credit Unions are required to provide a list of homeownership counseling organizations to members applying for a mortgage loan within three business days.

Discovery – The Next Generation!: Business Context of Risk Presentation to the North London Branch British Computer Society 19 March, 2008 Dr. Victoria.

FinCEN Director Jennifer Shasky Calvery stated: “Now that some states have elected to legalize and regulate the marijuana trade, FinCEN seeks to move.

Since 2011 credit unions have been increasingly engaging in private student lending: Private student loan funding has grown 33%, from $1.5 Billion to.

Auditing Corporate Information Security John R. Robles Tuesday, November 1, Tel:

“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”

In January 2013, the Consumer Financial Protection Bureau (CFPB) issued eight final mortgage rules pursuant to the Dodd- Frank Wall Street Reform and.

1 Vendor Evaluation: Selecting for Success Dana McCormick Wells Fargo Home Mortgage Delivery Services Baltimore PCC Education Seminar April 27, 2007.

Grow Your Business through Contact Centre Outsourcing Fanny Vaz Director, Personal Market Unit, CTM.

Security Controls – What Works

One Firm. One Team. Countless Opportunities. Baruch College Come out to network and learn more about a career with KPMG that is far beyond coding !

Page 1 Recording of this session via any media type is strictly prohibited. Page 1 The Cloud: A Necessary Risk for Business.

Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.

Copyright © 2014 Lender Performance Group, LLC. All rights reserved. Managing risks associated with third-party relationships, in other words Vendor Management.

Guidance for Managing Third-Party Risk Chicago Region Regulatory Conference Call December 8, 2010.

A credit union authority to invest in derivatives is limited to and has been granted exclusively for the purpose of reducing interest rate risk exposure.

- The views in this paper/presentation are solely the responsibility of the author/s and should not be interpreted as reflecting the views of the Board.

TOP 10 TECHNOLOGY INITIATIVES © Robert G. Parker S-1 9. Preventing and Responding to Computer Fraud IT Security Ranked #2 Preventing and Responding.

Information Security Issues at Casinos and eGaming

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.

Dealing with collection issues can be one of the most difficult issues a credit unions faces, because it involves a breach of trust with the member based.

NCUA Loan Participations

The information in this presentation comes from the NCUA Letter to Credit Unions 14- CU-02 and was provided by the NCUA to assist credit unions in preparing.

September 14, David A. Reed Attorney at Law Reed & Jolly, PLLC (703)

The TILA-RESPA rule does not apply to: HELOCs; Reverse mortgages; Mortgages secured by a mobile home or by a dwelling that is not attached to real property;

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.

Supervision of Information Security and Technology Risk Barbara Yelcich, Federal Reserve Bank of New York Presentation to the World Bank September 10,

The Escrow Closing Notice must be provided to a member prior to cancelling their escrow account if an escrow account was established in connection with.

The information reviewed in this presentation stems from InfoSight and was provided with the assistance and advice of the New Jersey Credit Union League,

© Dr. John T. Whiting All Rights Reserved Slide 1 Achieving Compliance with GBLA & Other Laws and Regulations Impacting.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

Credit union electronic filing will:  Reduce the expenses of printing and mailing paper forms;  Reduce NCUA operating costs;  Reduce staff processing.

When considering policies and procedures it is easily understood that both are essential in the guidance of credit union operations. Due to the similarities.

The ultimate responsibility for governance over a covered credit union’s capital planning and analysis process rests with the credit union’s board of.

FCU may only invest in property – It intends to use to transact credit union business; or In property that supports the credit unions’ internal operations.

The NCUA amended the CUSO regulation to increase transparency and address safety and soundness concerns for the credit union industry.

Internal Audit Considerations for Cybersecurity Risks Posed by Vendors October th, 2015 Chicago IIA Chapter’s 2 nd Annual IIA Chicago IT Hacking.

Total Threat Protection Securing All Your Threat Vectors Hartford Tech Summit.

Credit unions continue to research new ways to serve their members and grow their field of membership. Credit unions further define themselves and their.

FFIEC Cyber Security Assessment Tool

Risk Management for Small & Medium Sized Enterprises

Fred Carter Senior Policy & Technology Advisor Information and Privacy Commissioner Ontario, Canada MISA Ontario Cloud Computing Transformation Workshop.

Chapter 3 Pre-Incident Preparation Spring Incident Response & Computer Forensics.

Dino Tsibouris (614) Cloudy with a Chance of Lawyers: Legal issues in Cloud Computing Contracts.

Chapter 2 Incident Response Management Handbook Spring Incident Response & Computer Forensics.

The Department of Internal Affairs Keeping records in the cloud Patrick Power Manager, Government Recordkeeping Programme.

By Hajira Fatima Safa Mohammed Zaheer Abid Ali. Cloud computing is a result of evolving and adopting existing technologies. The goal of cloud computing.

Cyber Security for the real world Tim Brown Dell Fellow and CTO Dell Security Solutions.

Cyber Threat Intelligence Program Primer NASCUS August 1, 2016 Chicago, IL Christina Saari, Senior Cyber Intelligence Officer National Credit Union Administration.

JOHN M. HUFF NAIC PRESIDENT DIRECTOR, MISSOURI DEPARTMENT OF INSURANCE JUNE 16, 2016 NAIC CYBERSECURITY INITIATIVES.

Information Security Program

PhD Oral Exam Presentation

Value Analysis and Benefit/Risk Methodologies Pertemuan 25-26

IT Professional Perspective IT Strategy, Policy and Governance

Department of Management of information security DMYTRO RABCHUN

Content Access Solution (CAS)

Zero-Code Solution on Azure Helps Businesses Optimize Processes with Automation and Agility “Implementing Azure has empowered us to help our customers.

CMGT 582 Competitive Success/tutorialrank.com

CMGT 582 Education for Service-- tutorialrank.com.

GRC - A Strategic Approach

University of Maryland Robert H. Smith School of Business

OU BATTLECARD: Oracle Identity Management Training

Final exam question format

Final exam question format

Requirements engineering in Cloud Computing

Presentation transcript:

Cloud computing is a technological advancement that can be advantageous to credit unions because of potential benefits such as: cost reduction, flexibility, scalability, improved load balancing, and speed.

The Federal Financial Institution Examination Council (FFIEC) considers cloud computing to be another form of outsourcing with the same basic risk characteristics and risk management requirements as traditional forms of outsourcing.

When considering a cloud computing solution it is required that credit unions evaluate: Data Classification; Data Segregation; and Recoverability.

The credit union may have to provide additional controls to manage a cloud computing service provider.

The credit union must have agreements that are specific as to the ownership, location and format of the credit union’s data, and dispute resolution processes.

The FFIEC states that “Financial institutions that contemplate or use a cloud computing model in which all or part of the service is outsourced have to consider the fundamentals of risk and risk management defined in the FFIEC Information Technology Examination Handbook, especially the Outsourcing Technology Services Booklet.”

The credit union’s management process for cloud computing resources should include effective monitoring of security-related threats, incidents, and events on both credit unions and servicers networks; comprehensive incident response methodologies; and maintenance of appropriate forensic strategies for investigation and evidence collection.

Often these solutions are provided overseas, due to the cost benefits. If this is the case the provider may not be aware of or comply with the myriad of regulatory requirements credit unions must comply with, including: privacy, security incidence response, record retention, and information technology requirements.

Thank you for joining me for this review of Cloud Computing. Shawn Wolbert, CIA, CUCE Director CU System Relations 101 S. Washington Square, Suite 900 Lansing, MI (800) Ext. 486 (734) Mobile Follow me on Twitter – Shawn Go2CUGuru

Resources: FFIEC Guidance: _external_cloud_computing_-_public_statement.pdf _external_cloud_computing_-_public_statement.pdf FFIEC IT Handbook: FFIEC Outsourcing Technology Services: