We learned about the importance of a System Map in Step One: Building the Foundation, last week.

This week, we are discussing Step 2 – Start with the Most Important. In this critical step in the user access review process, you will identify the most important systems by identifying the high-risk activities each system performs.

Do you believe the full title? Or do you believe the parenthetic comments are a better descriptor? Here’s a simple and universal truth of the human condition: we tend to avoid tasks we think will be hard. Or complicated. Or time consuming. Or all three!

Alpharetta, GA (November 8, 2022) - Finosec announced that the user access reporting process no longer needs to be labor intensive or complicated, thanks to their User Access Reporting solution. The Finosec solution operates smoothly in tandem with financial institutions and supports more than 100 financial systems and has reviewed more than 11 million user permissions.

Bank examiners and auditors constantly change their expectations. The result is you feel as if your information security practices are trying to hit a moving target while the boundaries shift constantly.

In a video released to FINOSEC Academy, Co-Founder and CEO, Zach Duke, poses some questions around the processes you currently have in place at your institution. Regardless of which department you think of first, it is likely that some outdated processes are still in place, and your information security and cyber security teams are no exception.

ISO Independence

A vital component of your information security program is an information security officer that is independent and adhering to appropriate segregation of duties as outlined by regulatory expectations.