The federal banking regulators have agreed to on final Interagency Guidelines Establishing Standards for Safeguarding Customer Information ("Guidelines"). You previously wrote two articles for us on the proposed guidelines. (See <a href="gurus_technology1211.html">Part 1</a> and <a href="gurus_technology1218.html">Part 2</a>.) Were there any surprises for you in the final version of Interagency Guidelines Establishing Standards for Safeguarding Customer Information? And could you give us a quick heads-up on what the final guidelines provide?
What are the key elements of an information security program under the Guidelines?
I've heard the term ASP quite a bit recently, but I'm not sure I understand the concept. Could you give me a quick description or explanation?
Can you refer me to anything that would assist me in knowing what should be performed for monitoring our online banking Web site? I've been through bank security seminars that cover non-technology security. Our external auditor was not able to assist us.