BOL Conferences
#57247 - 01/28/03 04:21 PM GLB Risk Assessment Policy
Kara S Offline
Platinum Poster
Joined: Oct 2002
Posts: 927
Milwaukee, WI
Ok, I've done a search on BOL and have found that GLB is not a favorite topic!
We are having our Safety and Soundness exam in a few weeks and they are asking for a GLB Risk Assessment Policy. I have searched everywhere for some guidance on this, including Kirchman, BOL, Bank Focus, etc. I have come up with nothing. Has anyone else had to come up with this policy?
_________________________
My opinions are not to be construed as legal advice.

#57248 - 01/28/03 04:48 PM Re: GLB Risk Assessment Policy
wlavoie Offline
Gold Star
wlavoie
Joined: Jul 2002
Posts: 338
Hell's Canyon
Kara,
We were told we needed to do a risk assessment along with testing and reporting, but nothing about a risk assessment policy.
_________________________
Wendy LaVoie

#57249 - 01/28/03 04:58 PM Re: GLB Risk Assessment Policy
Kara S Offline
Platinum Poster
Joined: Oct 2002
Posts: 927
Milwaukee, WI
Yeah, well the Board meets at 4:00 today and needs a policy! Talk about pulling hair out!
_________________________
My opinions are not to be construed as legal advice.

#57250 - 01/28/03 05:15 PM Re: GLB Risk Assessment Policy
Kara S Offline
Platinum Poster
Joined: Oct 2002
Posts: 927
Milwaukee, WI
Also GLB and Reg P. Same thing or two different regs/laws?
_________________________
My opinions are not to be construed as legal advice.

#57251 - 01/28/03 05:32 PM Re: GLB Risk Assessment Policy
Queen Mum Offline
Power Poster
Queen Mum
Joined: Mar 2001
Posts: 3,920
OK
In our Safety and Soundness Exam they wanted an extension assessment of the Information Security. Even though we had an Information Systems Policy with most all the items covered, we did not have a formal assessment from the IT Department and they seemed to want Information "Security" where we had our titled Information "Systems".

#57252 - 01/28/03 06:21 PM Re: GLB Risk Assessment Policy
wlavoie Offline
Gold Star
wlavoie
Joined: Jul 2002
Posts: 338
Hell's Canyon
Kara,
I have an "Access to Customer Information" policy if that will help. Give me your email address and I will send it to you.
_________________________
Wendy LaVoie

#57253 - 01/28/03 06:22 PM Re: GLB Risk Assessment Policy
Starky Offline
100 Club
Starky
Joined: Oct 2002
Posts: 204
Arkansas
We recently had our S & S exam but I was not asked about a Risk Assessment policy. However, we do address risk assessment in our Information Security Program. Maybe it has been included in your written Program?

#57254 - 01/28/03 08:14 PM Re: GLB Risk Assessment Policy
Ted Dreyer Offline
Diamond Poster
Ted Dreyer
Joined: Apr 2001
Posts: 2,245
In reply to:

Also GLB and Reg P. Same thing or two different regs/laws?

GLB contained the privacy requirements that became Reg P, but included quite a bit more than that. Financial holding companies, sale of insurance disclosures, Reg E and on-machine ATM fee disclosures, and Information Security Guidelines also came from GLB. The "risk assessment" is PROBABLY the risk assessment required for Information Security, which did come from GLB.

#57255 - 01/28/03 11:32 PM Re: GLB Risk Assessment Policy
Wayne Barnett Offline
Member
Wayne Barnett
Joined: Nov 2002
Posts: 58
Dallas, Texas
Kara:

I submitted an Intrusion Risk Assessment Policy a few months back. I tried to write the policy so that it addressed the security concerns outlined in GLB. You can find it at

www.bankersonline.com/tools/intrusionriskassess.doc

Regards,
Wayne Barnett, President
Wayne Barnett Software
A Texas Corporation
877-945-4344
wbarnett@barnettsoftware.com

Wayne Barnett, CPA
800-680-8692
wbarnett@barnettcpa.com

#57256 - 01/29/03 04:07 PM Re: GLB Risk Assessment Policy
Kara S Offline
Platinum Poster
Joined: Oct 2002
Posts: 927
Milwaukee, WI
Thank you all very much, I really appreciate the help!
_________________________
My opinions are not to be construed as legal advice.
