Skip to content

Tips For Developing IT/InfoSec/GLBA Policies

Answered by: 

Question: 
We are in the process of developing a more comprehensive IT/Information Security policy for our growing institution. What recommendations can you make regarding content that will ensure compliance with regulations? Are you aware of any sample policies that meet regulatory criteria that we can refer to for guidance? We are most interested in sucessful ways of incorporating GLBA requirements.
Answer: 

Because systems and requirements change, a solid "one size fits all" template would be difficult. Review your examination materials and try to answer as many questions as possible to your satisfaction, and hopefully to your examiners' as well.

http://www.ffiec.gov/guides.htm

You can also look at this guidance from Bonnie Mizrahi.

First published on BankersOnline.com 7/10/06

First published on 07/10/2006

Filed under: 
Filed under compliance as: 
Filed under security as: 
Filed under technology as: 

Banker Store View All

From training, policies, forms, and publications, to office products and occasional gifts, it’s available here:

Banker Store

hot right now

image description

Looking for effective, convenient training on a particular subject?

BOL Learning Connect offers more than 200 courses ON-DEMAND or on CD ROM from AML to Reg Z and every topic in between.

Search Topics