Information Security

  • 1.  Vendor Management with CISSP

    Posted 08-12-2020 08:44 AM
    I did the cybersecurity webinar from Venminder yesterday, and it was recommended that security reports / audits / pen tests be reviewed by a certified professional with CISSP certificate. My background has always been IT, IT manager for multiple banks, but my role changed to just focus on vendor management at my current Bank. Have you seen a vendor management person get their CISSP to enhance their vendor reviews? I also work closely with the IT department and manage all their policies - Info security, incident response, BCP / DR, Pandemic, Cyber incident response, and the GLBA risk assessment.
    Something to consider?


  • 2.  RE: Vendor Management with CISSP

    Posted 08-12-2020 09:13 AM
    I have not come across a vendor management responsible person with a CISSP certificate, but I'm positive that I have only met a small portion of us out there.
    However, I am in a similar position to yours.  I am our IT back-up person, I handle vendor management, BCP/DR, all policies and procedures, and all risk assessments.   
    There have been times I have reached out to a third-party IT-specific group for support when I have had questions. Not seeing where the CISSP is going to come into play until there are multiple people handling nothing but vendor management for the FI.