Upcoming Training

GLBA Assessment

FIPCO® will provide audit and security activities centered on compliance to GLBA including ensuring that various implementation specifications are in place for each of the standards identified in the following table.

The Gramm-Leach-Bliley Act (GLBA), officially known as the Financial Services Modernization Act, consists of multiple components. One of those key components calls for “Safeguarding Customer Information”. The Safeguards Regulation, Sections § 314.3, § 314.4 requires compliance to the standards in the following table.

 Standard Section
 Information Security Program Development GLBA § 314.3
 FDIC 225.II
 NCUA 748.II
 Involve Board of Directors GLBA § 314.4.(a)
 FDIC 225. III .(A)
 NCUA 748. III .(A)
 Assess Risk GLBA § 314.4.(b)
 FDIC 225. III .(B)
 NCUA 748. III .(B)
 Manage and Control Risk

 GLBA § 314.4.(b)
 GLBA § 314.4.(c)
 FDIC 225. III.(C).1
 FDIC 225. III .(C).2
 FDIC 225. III .(C).3
 NCUA 748. III.(C).1
 NCUA 748. III .(C).2
 NCUA 748. III .(C).3

 Oversee Service Provider Arrangements  GLBA § 314.4.(d)
 FDIC 225. III .(D)
 NCUA 748. III .(D)

 Adjust the Program

 GLBA § 314.4.(e)
 FDIC 225. III .(E)
 NCUA 748. III .(E)
 Report to the Board

 FDIC 225. III .(F)
 NCUA 748. III .(F)

 Implement the Standards FDIC 225. III .(G)
 NCUA 748. III.(G)

In order to safeguard customer information, financial institutions are required to ensure the security of their customer data, protect the data against known or anticipated risks and secure the data protecting it from unauthorized access. In order to protect against risks, financial institutions must first have a proactive Security Program that involves the board of directors. FIPCO® can help with security consulting to understand how to make your security program proactive, ongoing and risk based.