Print
International Training & Assistance (ITA)
for Bank Supervisors
| About | Courses | Seminars | Self-study tools | Related sites | Contact us |
Course Dates
- September 30 - October 4, 2013
(Chicago, IL) Apply Now >>>
IT Supervisory Themes and Emerging Topics (STET), Session 2S.T.R.E.A.M/Technology Lab Courses - The Federal Reserve Bank of Chicago
Type of Participant Targeted
IT Supervisory Themes and Emerging Topics (STET) is a one-week course. The course is suitable both for newer examiners looking for some introduction to various IT topics, and experienced examiners who have encountered these issues and could benefit from further collaboration with other examiners.
Prerequisites
None.
Course Overview
This course is designed to highlight emerging topics in information technology in a condensed and discussion–oriented format. Topics include virtualization overview, virtualization work program, cloud computing, cloud computing vendor management, social media risks and controls, mobile banking and risk assessment, "bring you own device (BYOD)," the Federal Reserve's supervisory guidance letter #11-9 concerning authentication in an internet banking environment, and data leak prevention. The class modules are dynamically developed based on evolving IT operational risks and newfound IT exam issues. Therefore, each class may have different focus areas based on latest IT trends.
Course Objectives
Upon completion of this course, the participant, at a minimum, will be able to
- Demonstrate a basic understanding of IT technology
- Identify strengths and weaknesses of various technologies
- Perform fundamental system administration and audit operations
- Evaluate and report efficiency of various security controls to protect technology operations
Post-Course Intervention
Participants should be provided with opportunities that allow them to identify security capabilities and limitations associated with computer operating systems within a financial institution. They should review security measurements and recommend proper security controls to protect technology operations.
Curriculum Overview
| Subject | Approximate Class Hours |
|---|---|
| Virtualization Overview | 2.0 |
| Virtualization Work Program | 3.0 |
| Cloud Computing | 3.0 |
| Cloud Computing Vendor Management | 4.0 |
| Social Media Risks and Controls | 4.0 |
| Social Media Hands-on Lab | 1.0 |
| Data Leak Prevention | 2.0 |
| Mobile Banking Risk Assessment Case Study | 2.0 |
| SR 11-9 Authentication in an Internet Banking Environment | 2.0 |
| Bring Your Own Device | 2.0 |
| TOTAL | 25.0* |
* Note: The topics and hours may vary from class to class.
Learning Objectives
Participants develop a solid understanding of various technologies and identify security strengths and weaknesses in an institution's technology environment. Furthermore, participants evaluate the technology and its security measurement by reviewing, auditing, reporting, and recommending proper security controls.
By module, the following learning objectives will be accomplished:
| Module | Learning Objectives |
| Virtualization Overview |
|
| Virtualization Work Program |
|
| Cloud Computing |
|
| Cloud Computing Vendor Management |
|
| Social Media Risks and Controls |
|
| Social Media Hands-on Labs |
|
| Mobile Banking Risks and Controls |
|
| Mobile Banking Case Study--Risk Assessment |
|
| SR 11-9 Authentication in an Internet Banking Environment |
|
| Bring Your Own Device |
|
Class Size
The optimum class size is approximately 20 participants. To provide sufficient variety of interaction among class participants, the minimum class size is 10 participants.
Instructors
The STET course is conducted and supported by a diverse group of professionals, including senior IT examiners, information security specialists, technology architects, and program managers from the Federal Reserve System, FFIEC agencies, state banking supervision departments in the United States, and consulting firms.
