Skip to content
 

Tips For Developing IT/InfoSec/GLBA Policies

Answered by: 
Andy Zavoina

Question: 
We are in the process of developing a more comprehensive IT/Information Security policy for our growing institution. What recommendations can you make regarding content that will ensure compliance with regulations? Are you aware of any sample policies that meet regulatory criteria that we can refer to for guidance? We are most interested in sucessful ways of incorporating GLBA requirements.
Answer: 

Because systems and requirements change, a solid "one size fits all" template would be difficult. Review your examination materials and try to answer as many questions as possible to your satisfaction, and hopefully to your examiners' as well.

http://www.ffiec.gov/guides.htm

You can also look at this guidance from Bonnie Mizrahi.

First published on BankersOnline.com 7/10/06

First published on 07/10/2006

Filed under: 
Compliance
Security
Technology
Filed under compliance as: 
GLBA
Policies
Security
Filed under security as: 
GLBA
Policies
Security
Filed under technology as: 
GLBA
Policies
Security

Report a problem with this page

Search Topics