FIPCO® will provide audit and security activities centered on compliance with GLBA, including ensuring that the implementation specifications are in place for each of the standards identified in the following table.
The Gramm-Leach-Bliley Act (GLBA), officially known as the Financial Services Modernization Act, consists of multiple components. One of those key components calls for “Safeguarding Customer Information”. The Safeguards Regulation, Sections § 314.3 and § 314.4, requires compliance with the standards in the following table.
|Standard|Reference|
|---|---|
|Information Security Program Development|GLBA § 314.3|
|Involve Board of Directors|GLBA § 314.4.(a); FDIC 225.III.(A); NCUA 748.III.(A)|
|Assess Risk|GLBA § 314.4.(b); FDIC 225.III.(B); NCUA 748.III.(B)|
|Manage and Control Risk|GLBA § 314.4.(b)|
|Oversee Service Provider Arrangements|GLBA § 314.4.(d); FDIC 225.III.(D); NCUA 748.III.(D)|
|Adjust the Program|GLBA § 314.4.(e); FDIC 225.III.(E); NCUA 748.III.(E)|
|Report to the Board|FDIC 225.III.(F)|
|Implement the Standards|FDIC 225.III.(G); NCUA 748.III.(G)|
To safeguard customer information, financial institutions are required to ensure the security of their customer data, protect the data against known or anticipated risks, and secure the data against unauthorized access. To protect against risks, financial institutions must first have a proactive Security Program that involves the board of directors. FIPCO® can help with security consulting to understand how to make your security program proactive, ongoing and risk-based.