Modifying Policies to Fit Online Banking

Answered by:

Question:

We will be providing online banking to our customers and I would like some clarification on the modifications of our current policies and what policies should I create from scratch. I will edit our Privacy Policy to reflect a new online privacy policy. I will also edit our CRA file, edit EFT disclosure, edit IT policy and evaluate our risk assessment plan. I will CREATE an online banking policy, online banking agreement, firewall policy and an internal audit checklist. Does this sound like I am moving in the right direction? Any additional items I should address?

Answer:

Excellent start! But don't forget about a system to approve changes to the system, retention as needed of the content and possible penetration testing in your IT audit. You will also want copies of SAS 70 audits on your provider and to ensure all vendor controls are in place.

First published on BankersOnline.com 11/3/03