GLB Data Protection

Question:

I've heard that the banking regulators have been reviewing compliance with the GLBA Data Protection provisions in recent examinations. I also read somewhere they have identified recurring problems at several institutions. As we prepare our information security program and for the next examination, what are some of the key issues that we need to be aware of?

Answer:

Your question is timely and on point. The banking regulators have already begun to examine for compliance and will continue to ensure institutions maintain compliance continuously. A recently released FDIC survey on how financial institutions have fared during initial GLBA audits determined "almost all information security programs examined were found to have some deficiencies relating to board involvement, testing, and/or staff training."Other areas of confusion and risk are also emerging around the requirements for a formal risk assessment, oversight of service providers, and monitoring and adjusting the information security program.

Vendor:

CompCoach

GLB Data Protection

Related Q&As

How Current Events Have Changed Banking

Community Banks Define Success Through Design

Business Accounts: Is a resolution required for account signers?

Related Tools View All

Branch Auditing Workpaper

Red Flags/Identity Theft Audit Program

Red Flag Assessment Testing

OFAC Updates View All

Sanctions List Search

Specially Designated Nationals List (SDN)

Sanctions Programs and Information

Search Topics