I am looking for a comprehensive template for an annual security report to the board of directors. I am the security officer at a credit card bank (there are no loan officers, savings or checking accounts. We only issue the retail and bank credit card of a major retailer.
Does anyone have a good Code of Ethics Policy they are willing to share?
With the change of Reg P (Bank Protection) to Reg H and the implementation of information security procedures under GLB, what is your feeling about how annual reports on security should be made to the Board? Should there be a separate physical security report and a separate information security report or should they be combined for an overall security report?
I am trying to place a policy for our financial institution to implement in handling kidnapping, extortion, bomb threats etc. Does anyone know where I might be able to order and get a sample policy addressing these areas?
We have a policy and procedures on Safeguarding Customer Information. My problem is, FDIC EDP examiner wants more meat on it, such as; address logical and physical access controls to CIF. No incident response policies? I can't find the information in the Federal Register. Vendor oversight requirements have not been formalized, Can you direct me to any site that will have examples or answers to these questions?
What ongoing steps should we take to provide security and virus protection for our network?
Does a financial institution Security Officer have to be an Executive Officer?
Dana Turner has posted a sample investigative report in Banker Tools. Can we have a sample "investigator's checklist" too?