Gramm LeachBliley

One of the earliest US government forays into mandating information security standards was the Gramm-Leach-Bliley Act (GLBA). Section 501(b) requires each covered financial institution to establish "appropriate safeguards" to: (1) ensure the security and confidentiality of customer records and information; (2) protect against anticipated threats or hazards to the security or integrity of those records; and (3) protect against unauthorized access to, or use of, such records or information which could result in substantial harm or inconvenience to any customer. GLBA required standards to be set by regulation for safeguarding customer information. This task was accomplished with the publishing of the

Interagency Guidelines Establishing Standards for Safeguarding Customer Information (the "Guidelines").The Guidelines apply to customer information maintained by covered "financial institutions," both of which terms are broadly defined under applicable law and regulations.The Guidelines require a written security program specifically tailored to the size and complexity of each individual covered financial institution, and to the nature and scope of its activities. Under the Guidelines, covered institutions must conduct risk assessments to customer information and implement policies, procedures, training, and testing appropriate to manage reasonably foreseeable internal and external threats. Institutions must also ensure that their Board of Directors (or a committee thereof) oversees the institution's information security measures.

Further, institutions must exercise due diligence in selecting and overseeing, on an ongoing basis, service providers (entities that maintain, process, or otherwise are permitted access to customer information through providing services to a covered institution). Institutions also must ensure, by written agreement, that service providers maintain appropriate security measures.

Project Management Made Easy

Project Management Made Easy

What you need to know about… Project Management Made Easy! Project management consists of more than just a large building project and can encompass small projects as well. No matter what the size of your project, you need to have some sort of project management. How you manage your project has everything to do with its outcome.

Get My Free Ebook

Post a comment