Legal Seminar, Denver, CO
Audits and Compliance: Account and User Reviews
• Review CSBS personnel with NMLS access every six months – Least Privilege – Need to Know
Request
Validate
Authenticate
Review
Modify
NMLS 1.0
Hosted and managed by the Financial Industry Regulatory Authority (FINRA)
• Point‐in‐time visibility into vulnerabilities • Single Security Operations Center (SOC)
• Modify patching cycles based on risk‐based decisions • Advisories, monthly vulnerability scans, audits
Patching decisions made as part of Risk Management Program
Monthly reports to CFPB
Incident response and disaster recovery capabilities tested annually
Made with FlippingBook - Online magazine maker