1 22 Table of Contents 24 28

Pub. 15 2020-2021 Issue 1

NEBRASKA BANKERS ASSOCIATION 23 You’re preapproved for trusted advice! Your bank works hard to make customer dreams become reality. Don’t let complex regulations delay your next big transaction. Our talented, supportive pros can help you stay compliant, manage risk and grow strategically, so you can focus on building equity in your community. Everyone needs a trusted advisor. Who’s yours? bkd.com/fs • @BKDFS from phishing emails, phone calls, malicious websites’ data maps, and ransomware attacks. The spike in malicious activity is so severe that researchers have seen an increase of 667% in phishing email attacks alone in the month of March. A critical component of proactive security includes con- tinuous process improvement, including regular testing of an organization’s people, processes and technology. Many times, an IT audit is how we verify that proper security measures are in place and are effective. A traditional on-site IT audit has historically required a security firm to send a qualified information security auditor on-site to review policy, procedures and technical controls, as well as to conduct investigative interviews. The auditor typically examines whether the organization is compliant with its own program (and with applicable regulations), as well as identifying possible gaps in the adequacy of controls. The Future of the IT Audit is Virtual In response to the COVID-19 virus, regulatory agencies have announced plans to conduct virtual IT examinations. This may seem like a novel idea; however, virtual IT audits have been around for years. A virtual IT audit should follow the same process of the on-site audit, except all the work is done remotely. The virtual audit requires the same evidence, documentation, scope and A virtual IT audit should follow the same process of the on-site audit, except all the work is done remotely. The virtual audit requires the same evidence, documentation, scope and process. An added bonus of your virtual engage- ment is that your IT auditor is not spending time traveling, meaning there should be an increase in the efficiency of the audit process from start to finish. Virtual IT Audit — continued on page 24

RkJQdWJsaXNoZXIy OTM0Njg2