What Not to Write: 5 Common Policy Writing Mistakes
The purpose of this article is to put policies into a 360-degree mirror and shed some light on a few areas which may need a little care.
Thanks for visiting our
Tandem Blog
Get our blog posts straight to your inbox.
You have been successfully subscribed to our newsletter.
The Vendor Manager’s Guide to Subcontractor Risk Management
Through the vendor management process, you take steps to make sure your vendors are secure and resilient, but what about their third parties? Do your vendors hold their subcontractors to the same standard of excellence? How can you know?
12 Simulated Phishing Templates to Cover Your Calendar Year
It can be difficult to muster up the creativity for something relevant month after month. In this article, we offer a phishing template and theme for each month of the year to help inspire you for your next phishing test campaign.
A Complete History of the FFIEC CAT
The purpose of this article is to provide a comprehensive timeline of the FFIEC CAT and how its implementation has changed over the years.
Top Risk Assessment Software Features to Consider Before You Buy
This article will look at the top features to consider when evaluating an information security risk assessment software solution, including elements related to inherent and residual risk calculation, inventory and prioritization of assets, risk response, and reporting.
The OCC’s Cybersecurity Supervision Work Program (CSW)
Here’s a closer look at the OCC’s Cybersecurity Supervision Work Program, with five essential takeaways for community banks preparing for the revised exam procedures.
Top Policies Software Features to Consider Before You Buy
In this article, we will look at the top features to consider when evaluating a policies software solution, including features related to policy wording and structure, custom policies and categories, creating an acceptable use policy, download documents, and more.
Reportable Cyber Incidents: An Overview of the NCUA’s New Notification Rule
This article looks at the NCUA's Cyber Incident Notification Rule, including the final rule's development, key details, and required actions for credit unions.
New Third-Party Risk Management Guidance: What Community Banks Need to Know
Three of the federal banking agencies published new guidance on Third-Party Relationships: Risk Management. Here are eight things community banks need to know about it.
Top BCP Software Features to Consider Before You Buy
In this article, we’ll look at top features to consider and questions to ask when evaluating a BCP/DR software solution, including features related to business impact analysis, user access, emergency communications, ease of use and reliability, and reporting.
An Overview of Freddie Mac’s Updated Information Security Requirements
Published Date:
This article is an introduction to the new requirements released by Freddie Mac, as well as a summary of what’s new, what’s changed, and what you may need to do about it.