Agencies

Anti-Money Laundering

Business Continuity & Disaster Recovery

Compliance

Emerging Technology

Governance and Standards

Identity Theft

Leadership Management

Physical Security

Risk Management

Training & Education

Webinar Calendar

Vendor Directory

Content Library

Products

Events

About Us

Resources

Information Security Booklet - OCC - FFIEC

GuidanceFederal Financial Institutions Examination Council (FFIEC)
Office of the Comptroller of the Currency (OCC)Risk Management

The Federal Financial Institutions Examination Council (FFIEC) has released updated information security guidance in the form of a new Information Security Booklet. The Information Security Booklet is the first in a series of booklets that will completely update and replace the 1996 FFIEC Information Systems Examination Handbook.

Reliance on technology in all aspects of banking by bankers, consumers, and corporations has increased both the potential for, and likely impact of, security threats to national banks. Widespread adoption of effective security processes can help ensure that the banking industry maintains effective safeguards against such threats and, by doing so, helps preserve the public trust. The Information Security Booklet provides a comprehensive security framework for national banks and their technology service providers. The framework focuses on implementing a security risk management process that identifies risks, develops and implements a security strategy, tests key controls, and monitors the risk environment. This framework also stresses the important roles that senior management and boards of directors play in this process by emphasizing their responsibility to recognize security risks in their banks and to assign appropriate roles and responsibilities to their managers and employees.

> Read entire regulation (log in required - registration is free)