Skip to content

GLBA IT Compliance

Answered by: 

Question: 
Is there an annual IT certification the board must make for Graham Leach Bliley compliance?
Answer: 

There is a requirement for an annual report on information security.

12 CFR 30, Appendix B, "Guidelines Establishing Standards for Safeguarding Customer Information." The program must:

  • Be approved and overseen by the Board of directors
  • Be adjusted, as appropriate, for changes in the bank’s (or servicer’s) processing environment or systems.
  • Include an annual report to the board (or committee) describing the overall status of the program and bank’s compliance with the Guidelines.



First published on BankersOnline.com 12/05/05

First published on 12/05/2005

Filed under: 
Filed under compliance as: 
Filed under technology as: 

Banker Store View All

From training, policies, forms, and publications, to office products and occasional gifts, it’s available here:

Banker Store

hot right now

image description

Looking for effective, convenient training on a particular subject?

BOL Learning Connect offers more than 200 courses ON-DEMAND or on CD ROM from AML to Reg Z and every topic in between.

Search Topics