Jordan Rosiak

2 min read

Using RACI Charts to Strengthen Risk Management and InfoSec Programs

Jordan Rosiak: May 9, 2025

Without defined roles, critical tasks like policy reviews, incident response, and business continuity planning, or risk assessments can be overlooked or delayed. A RACI chart (Responsible, Accountable, Consulted, Informed) is a powerful tool that...

Information Security Program Governance Risk Management Compliance RACI
Read More

3 min read

Understanding the Second Amendment to DFS Part 500: What Financial Institutions Need to Know

Jordan Rosiak: Mar 13, 2025

The Second Amendment to the New York Department of Financial Services (NYDFS) Part 500, finalized on November 1, 2024, introduces more stringent...

Controls Governance Risk Assessment Incident Response Audit Multi-factor Authentication Risk Management Compliance DFS 500
Read More

3 min read

Kingdom Building in Information Security: The Risks of Tool Overload

Jordan Rosiak: Feb 5, 2025

A common theme among financial institutions is the attempt to keep up with the evolving threat landscape through the acquisition of the latest and...

Risk Information Security Program Third-Party Security Tools Third-Party Risk Management
Read More