To help organizations be better prepared against increasingly inevitable incidents, the Shared Assessments SIG Committee has released “Building Best Practices for Effective Monitoring of a Third Party’s Incident Event Management Program.” The paper outlines a newly developed best practices model of incident event management program creation. This new program tool covers planning, preparation, execution, reporting, and remediation control, to guide a higher level of preparation. It uses a proactive approach and a thorough review of outsourcing risks, as well as the possible disruption of service that could result. The model contains a defined means for protecting data, consumers and the outsourcing relationship. A step-by-step guideline is presented, which can be tailored to each relationship.
Protecting Privacy Rights While Preventing Financial Exploitation
Financial institutions must balance the desire to protect vulnerable clients from financial exploitation with their clients’ rightful expectation that their...