ACUIA Webinar Series:
Incident Response for Unauthorized Access
Wednesday October 26, 2016 - 12:00pm EST
As NCUA pointed out this year, incident response procedures are a key part of a credit union’s information security program. NCUA field staff will be reviewing credit unions’ incident response programs over the next couple of years. Appendix B to Part 748 of NCUA rules and regulations, Guidance on Response Programs for Unauthorized Access to Member Information and Member Notice, outlines the minimum components of an incident response program that federally insured credit unions need to develop and implement, but is it enough?
This webinar will discuss the current trends and needs of credit unions.
Catherine Bruder, Shareholder, Financial Institutions Group, Doeren Mayhew
For over 26 years financial institutions, service organizations, data centers, health care insurers, technology vendors and manufacturers have called on her to evaluate and design internal control and system management processes. As a national expert in Service Organization Control (SOC) reporting, including SOC 1, 2 and 3, Catherine is an instructor for the leading AICPA SOC School for auditors and organizations using SOC reports, as well as an acclaimed speaker on SOC reporting throughout the United States. She designs audit programs to comply with various regulatory standards including the Federal Financial Institution Examination Council, Model Audit Rule for Health Care Insurers, Health Insurance Portability and Accounting Act (HIPAA), Sarbanes-Oxley Section 404 and the Gramm-Leach-Bliley Act of 1999.
In addition, Catherine is the Practice Leader of the firm’s Information Technology Assurance Group. From internal and external vulnerability assessments, to completing penetration and general controls testing, to dealing with the compliance complexities of Sarbanes-Oxley Section 404, SSAE 16 and Model Audit Rule, she leverages her in-depth experience to help clients manage all their information technology assurance needs.
Catherine is a contributing author to several publications for the AICPA, including the Service Organization Controls Quick Reference Guide, as well as the AICPA Audit Guide Assessing and Responding to Audit Risk in a Financial Statement Audit. Additionally, she has published several articles on information security and internal controls.