10/07/2002
Is there a way to determine whether or not an intrusion test provider has adequately tested a system? Are there specific prescribed procedures, methods or tests that should be used?
08/01/2002
HUD has published a proposal to make significant changes to the Good Faith Estimate that lenders issue within three days of taking an application. HUD calls this a "simplification" of the GFE.
02/11/2002
I am unsure what type of service providers we need a confidentiality agreement with. Some examples are: appraisers, realtors, surveyors, Insurance underwriters, Inspection companies, title companies, janitroial services, attorneys used for legal purposes for the financial insitution, attorneys used for title searches and other legal work involving a loan, Insurance companies use to obtain insurance coverage for the bank.
02/04/2002
What are the information security needs of a bank?Which laws/guidelines deal with information security needs of the bank?What are the steps involved in designing a security policy for a bank?
12/03/2001
DirectPointe provides managed computing services that include remote PC and Network Management services. We are working with a community bank in Utah that is interested in our services, but is concerned with any regulatory issues that may not allow us to have remote access to their network and PCs (since their network is connected to a service bureau, which has confidential information). Can you provide any information/insight into this issue? Can we provide remote services and if so, does our company need to meet certain requirements? Please let me know if you have recommendations.
10/01/2001
Can you recommend a good source or template for creation of an e-commerce enabled web hosting contract thatprotects a bank against liability with regards to its customers?
07/02/2001
How do banks intend to monitor their service providers to confirm that they are maintaining appropriate securitymeasures to safeguard the bank's customer information? We are looking for a practical, reasonable way to do this.
05/07/2001
I would appreciate any advice on where to start when developing our information security program.
01/15/2001
I've heard the term ASP quite a bit recently, but I'm not sure I understand the concept. Could you give me a quick description or explanation?
01/15/2001
The federal banking regulators have agreed to on final Interagency Guidelines Establishing Standards for Safeguarding Customer Information ("Guidelines"). You previously wrote two articles for us on the proposed guidelines. (See <a href="gurus_technology1211.html">Part 1</a> and <a href="gurus_technology1218.html">Part 2</a>.) Were there any surprises for you in the final version of Interagency Guidelines Establishing Standards for Safeguarding Customer Information? And could you give us a quick heads-up on what the final guidelines provide?