The NCUA is getting serious. In our region the Examiner that leads all examiners has an IT security background. The new IS&T exam forms were redesigned in April 2013. From my point of view, the NCUA has leap frogged into reality with this revised IT Examiner workbook. Now does it mean an examiner will know what they are talking about?….. The jury is still out on this. However, can you be better prepared in regards being prepared for the increasing oversight in IT security? Sure you can!
Here is an easy tool I developed that I hope will give you ideas on how you the CIO can prep your staff and Sr. team in regard to the reality of your current IT security program. It is easy to get everyone’s attention when you get a DOR, but it is incumbent for a CU IT leader to communicate with clarity about your IT security reality so that the business understands and can support your IT Security goals and plans.
I hope this tool and approach I have put together gives you ideas that will help you.