Presenting Annual Security Reports To The Board
Answer by Andy Zavoina and Dana Turner, BOL Gurus
Question: With the change of Reg P (Bank Protection) to Reg H and the implementation of information security procedures under GLB, what is your feeling about how annual reports on security should be made to the Board? Should there be a separate physical security report and a separate information security report or should they be combined for an overall security report?
Answer by Andy Zavoina:
So long as required reports are properly made it would not matter. If this is one person doing both they could be combined.
Personally I would recommend dividing them for accountability and to separate physical security (robbery, SARs, alarms, etc.) from technological security. When asked for your reports by examining teams, they may find it easier if there are different teams for each. There is no reason to invite questions from one team about an issue not directly within their scope.
Answer by Dana Turner:
Depending upon the way the organization's structured, this could be a difficult question. I suggest creating the annual security report using three (3) components:
- Physical security;
- Procedural security; and
- Information security.
Physical security generally deals with facilities and what the institution owns. Procedural security generally deals with how the institution operates. Information security is often a hybrid -- containing both physical and procedural issues. The Facilities Manager, Information Systems Manager and the Security Officer should each author their respective pieces of the report -- and then decide who's going to review each component and then coordinate the final report production.