Compliance Guru®
  • The Guru Speaks

    Places I’ve recently been published:

    White Papers:
    Enterprise-wide Recovery – The Business Impact Analysis, A Guide for Senior Management (available for download at the Resources page)
    Disaster Recovery and Strategic Planning – Aligning Policy, Procedures and Practices (available for download at the Resources page)

    Publications:
    Florida Banking Resource Guide 2010 – Risk and Recovery: A Cost Analysis Methodology
    Bank Fraud and IT Security, April 2010 – Reducing Risk through Effective Disaster Recovery Planning
  • FFIEC Issues Final Social Media Guidance…and Challenges Remain

    Originally proposed back in January 2013, and following a comment period in which they received and evaluated 81 official comments, the FFIEC has at last released their final guidance for financial institutions engaging in social media activities.  I expect all the regulatory agencies to adopt it soon (the FDIC has already, and pretty much verbatim). […]

    December 17, 2013
  • FFIEC Issues Proposed Social Media Guidance

    (UPDATED – Added link to public comments) Just out, this document is really a request for comments on the proposed guidance, but final guidance is likely to follow this very closely…and very quickly.  As many financial institutions are probably getting their social media policies together now (or updating existing policies), this is a must read.  […]

    January 24, 2013
  • Technology Service Providers and the new SOC reports

    What do all of the 2012 changes to the IT Examination Handbooks have in common?  They are all, directly or indirectly, related to vendor management.  I had previously identified vendor management as a leading candidate for increased regulatory scrutiny in 2012, and boy was it.  (Not all of my 2012 predictions fared as well, I’ll […]

    December 11, 2012
  • Managing Social Media Risk – LinkedIn Edition

    By now everyone has heard about the breach at LinkedIn, where 6.5 million email password hashes were leaked (over half of which have been cracked, or converted into plain text).  Those who read this blog regularly know how I feel about social media in general: “So managing social media risk boils down to this:  You […]

    June 12, 2012
  • 5 Keys to Understanding a SOC 2 Report

    Although I have written about these relatively new reports frequently, and for some time now, it still remains a topic of great interest to financial institutions.  Fully 20% of all searches on this site over the past 6 months include the terms “SOC” or “SOC 2”, or “SAS 70”.  Some of this increased interest comes […]

    June 4, 2012
  • SOC 2 vs. SAS 70 – 5 reasons to embrace the change

    The SOC 2 and SOC 3 audit guides have recently been released by the AICPA, and the SAS 70 phase-out becomes effective tomorrow.  The more I learn about these new reports the more I like them.  First of all, as a service provider to financial institutions we will have to prepare for this engagement (just […]

    June 14, 2011

© 2023 Safe Systems, Inc. All rights reserved.