Achieving Compliance the Cost-effective Way

Answered by: 

Question: 
How can a bank achieve assured compliance given the constrained information security budgets today?
Answer: 

Use a collective approach. Combining requirements of different regulations and addressing them collectively will not only save you a significant amount of time and money, but will also equip you with more efficient and effective information security. The main regulations/standards that a bank would face comprise the GLBA, FACTA and PCI DSS. The areas below can be collectively addressed:

  • Risk Assessments
  • Comprehensive Program
  • Penetration Testing and Vulnerability Assessments
  • Social Engineering
  • Employee Training
  • Service Provider Oversight

While it is true that the GLBA focuses on information security while the FACTA emphasizes identity theft, these are areas of considerable overlap where one cannot really be considered without taking the other into perspective. Similarly, the GLBA and PCI DSS have a number of requirements that are almost common. The approach will not only get you cost-efficient compliance, but also robust information security.

First published on BankersOnline.com 3/09/09