-
Patch deployment – now or later? (with interactive poll!)
We recently saw an examination finding that recommended that “Critical Patches be deployed within 24 hours of notice (of patch release)”. This would seem to contradict the FFIEC guidance in the Information Security Handbook that states that the institution: “Apply the patch to an isolated test system and verify that the patch… (1) is compatible…
-
2012 Compliance Trends, Part 5 – Uncertainty (UPDATE)
Similar to my previous post on Risk Assessments, I believe Uncertainty is also a 2-part trend: – Uncertainty about future regulatory changes, and – Uncertainty about the interpretation of existing regulations
-
Examination Experience Survey – preliminary results
Although the survey is still open, I wanted to discuss one particular trend that I find interesting. (If you’ve already participated, thank you! Please pass the link on to a colleague at another institution. If you haven’t had a chance to fill it out, please do so. The survey will remain open until 8/19). One…