As artificial intelligence (AI) becomes more integrated with business operations, it’s increasingly important to develop clear policies to manage AI-related risks, maintain compliance, and uphold ethical standards. Here’s what you should consider when creating an AI policy for your organization.
Tabletop exercises are often labeled as pain points and seen as just another “to do” item on the compliance checklist. Yet, if done well, they can be a huge value-add to your organization’s resilience.
This article will give six simple steps to conduct an effective tabletop exercise.
Succession planning is essential for credit unions to ensure smooth leadership transitions and maintain operational stability. With the recent NCUA Succession Planning Rule, all federally insured credit unions must have a formal succession plan. But how prepared are credit unions to meet this new requirement?
During a recent webinar about the new Succession Planning Rule, 70 credit unions participated in poll questions assessing credit unions' readiness and resulting in some key insights.
Federal banking agencies have emphasized that AI can be both beneficial and harmful, highlighting the need for careful use. Let’s look at some of the specific things that regulators have said about AI.
Learn about the NCUA's new final rule on the topic of Succession Planning. Get a quick overview on how to respond to this rule within your credit union.
Model risk management is an evolving topic for community banks and credit unions. While models have been around for a long time, their prevalence in artificial intelligence (AI), machine learning (ML), and other software applications makes understanding and managing them more important than ever. Let’s dive into some frequently asked questions about model risk management.
Learn the capabilities and limitations of AI, as well as the current cybersecurity threats and applicable controls.
On August 29, 2024, the FFIEC announced they would be sunsetting the Cybersecurity Assessment Tool (CAT) effective August 31, 2025. For the last ten years, the CAT has been a staple for many financial institutions’ cybersecurity programs. As a result, many institutions now face the question: “Which cybersecurity framework should I use?” Let’s talk about how to pick a cybersecurity framework.
On August 29, 2024, the Federal Financial Institutions Examination Council (FFIEC) released a new Development, Acquisition, and Maintenance (DA&M) booklet, as part of their IT Examination Handbook. This new booklet supersedes and replaces the previous Development & Acquisition (D&A) booklet.
A service level agreement (SLA) is a specific type of contract between a vendor and a business. It defines performance measures and compensation options for the times when a vendor can’t hold up their end of the bargain. Let’s dive into some specifics about what this looks like and what you (as a vendor manager who cares about information security) need to do about it.
On June 3, 2024, the Securities and Exchange Commission (SEC) published a final rule titled Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information. The rule amends 17 CFR Part 248 and enhances the SEC’s cybersecurity and incident response requirements.
