Is there an annual IT certification the board must make for Graham Leach Bliley compliance?
As it relates to IT examinations, what are the top "hot buttons" for regulators?
I currently report to the Senior Manager in charge of Technology and Operations. There is discussion about me reporting to the Senior Retail Banking Manager. I am looking for some resources that provide a discussion about the area of the bank the security officer position should fall within.
Are we required to notify our customers of possible computer intrusions? Where can I find regulatory information regarding intrusions or hacks and the notification of customers?
What are the key elements of an information security program under the Guidelines?
The federal banking regulators have agreed to on final Interagency Guidelines Establishing Standards for Safeguarding Customer Information ("Guidelines"). You previously wrote two articles for us on the proposed guidelines. (See <a href="gurus_technology1211.html">Part 1</a> and <a href="gurus_technology1218.html">Part 2</a>.) Were there any surprises for you in the final version of Interagency Guidelines Establishing Standards for Safeguarding Customer Information? And could you give us a quick heads-up on what the final guidelines provide?