As training is a key element in creating awareness and understanding of you policy and procedures, Security Compliance Associates will conduct on-site Information Security Program training.
Employee training typically consists of one day on-site, with a maximum of four sessions. Additional days and/or additional sessions are available at additional cost.
The training, which is designed for presentation to all employees, will:
- Introduce and explain the institution’s Information Security Program.
- Provide instruction that teaches staff to recognize a perceived or actual attack or threat, and also to take appropriate action to inform the right people in a timely manner.
- Provide instruction that teaches staff to respond appropriately to customers or members inquiries and requests for assistance when sensitive consumer information has been compromised.
- Provide instruction that teaches staff to take appropriate action to prevent, detect and mitigate the incidence of identity theft.
- Provide instruction on the proper care, handling and use of member information and other vital records and information.
- Address appropriate use of email, Internet, and other computer resources with an emphasis on critical issues identified by management.
Training sessions are sixty to ninety minutes in duration, depending on the format and content selected by management. At the institution's discretion, training may be presented directly to employees or in a "train the trainer" format.
Training and hand out materials are provided to the institution in electronic (CD) form as well as one copy in printed form.
Employee Use Guidelines and session handouts for attendees are not included, but are available at additional cost.
Security Compliance Associates(SCA) approach to Information Security Policy and Procedures begins with a review of the institution's existing information security policies, standards, practices and procedures and provides an assessment based on compliance with FRS, FDIC, OTS, OCC, or NCUA Regulations, FTC, PCI-DSS, HIPAA and FFIEC guidance, industry standards and Security Compliance Associates's best practices. The resulting report provides a solid basis for drafting/revising the Institution's Information Security Policies and Procedures.
Security Compliance Associates (SCA) will review, revise, modify and document existing information security policies and procedures, draft additional policies and procedures as necessary to enhance and organize our clients written policies and procedures utilizing a three-tiered compliance model. All of our customized information security method recommendations accepted by your management during the Policy and Procedure review will be integrated into the documents to be produced by SCA for your institution exclusively.
Microsoft yesterday issued 13 security updates that patched 22 vulnerabilities in Internet Explorer, Windows, Office and other software, including one that harked back two decades to something dubbed "Ping of Death."
Microsoft released 13 security bulletins, patching 22 vulnerabilities across its product line, including two critical updates affecting Internet Explorer and the Windows DNS Server. While Microsoft issued fewer updates this month, August was still marked as a busy month for system administrators.
Hackers flying the AntiSec banner today released what they said was 400 megabytes of internal data from a government cybersecurity contractor, ManTech, as part of their campaign to embarrass the FBI every Friday, as well as target other government agencies and their partners.
The U.S. Attorney's Office in Houston has brought charges against four men for stealing more than $400,000 as part of an ATM skimming scam targeting local banks.
Morgan Stanley Smith Barney is the latest company behind Sony and Epsilon to have its customers' personal data compromised.
A gang that made more than $72m (£45m) peddling fake security software has been shut down in a series of raids.
