We just had our Information Security/Network Security & Penetration test and our external auditors are telling us that we should have a Technology Committee.
I’m wondering how many of you actually have a true committee or if you let particular members of Management to handle the process. Below is the wording from the report.
The Credit Union has not formed the Information Technology Committee (ITC or IT Committee) to oversee information technology and data processing activities and to be responsible for the long-term technology direction and strategies. FFIEC guidelines allow for delegation of the responsibility of managing the information technology function to an IT steering committee with recommendations for committee staffing and reporting to the Board of Directors.
If you do have one, can you give a very short synopsis of who is on it and what you look at? So I’ll get a good comparison, how large of a Credit Union are you?
Thanks
Patrick McCollough
