From: BankInfoSecurity
Freddie Mac Adopts Enhanced, Hybrid Risk Mgt. Framework
By Eric Chabrow
Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.
Titus says continuous monitoring assures that the controls the Federal Home Loan Mortgage Corp. selects adequately protects its information assets. That, she says, means the government-sponsored enterprise, which buys mortgages on the secondary market and sells them as mortgage-backed securities, can eliminate some security controls deemed unnecessary.
Freddie Mac’s continuous monitoring program is an outgrowth of what Titus characterizes as its enhanced, hybrid risk management framework that incorporates risk management processes and best practices from the International Organization of Standardization and the U.S. federal government’s National Institute of Standards and Technology.
Leave a Reply