WASHINGTON — NCUA and the other Federal Financial InstitutionsExamination Council regulators have distributed revised guidancefor examiners and financial institutions for identifying securityrisks, evaluating controls, and applicable risk managementpractices.
The updated booklet provides an overhaul of the 2002 version,addressing advances in technology, risk assessments, mitigationstrategies, and regulatory guidance. Additionally, the riskassessment portion has been expanded to reflect the maturation ofthat process related to information security. New or revisedmaterial covering authentication, monitoring programs, and softwaretrustworthiness is also included. Other topics including malware,wireless, remote access, and trust services have also beenincorporated or revised.
“The security of financial institutions' systems and informationis essential to maintaining the privacy of customer information andsafe and sound operations,” the agencies said in a joint release.“The Information Security Booklet describes how an institutionshould protect and secure the systems and facilities that processand maintain information. The booklet calls for financialinstitutions and technology service providers (TSPs) to maintaineffective security programs tailored to the complexity of theiroperations.”
Continue Reading for Free
Register and gain access to:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts.
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders.
- Educational webcasts, white papers, and ebooks from industry thought leaders.
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com.
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
