InfoSight provides GLBA Risk Assessments to review the GLBA Program in your institution based upon FFIEC Standards. Our assessments conform to the FFIEC regulatory requirements, statutory directives and industry best practices under which the institution operates. Throughout the process, InfoSight’s assessors will work closely with your organization’s risk and information security teams to gain a clear view of the institution’s risk relative to GLBA compliance requirements.
What is GLBA?
The Gramm-Leach-Bliley Act (GLBA) is in place to assure the confidentiality and security of all customer records and information. GLBA guidelines establish administrative, physical and technical safeguards to protect personal information against unauthorized access and unauthorized use.
Why do financial institutions care about it?
Financial institutions should take GLBA guidelines very seriously because it is their responsibility to keep personal information from slipping into the wrong hands. It is mandatory for financial institutions to have a written security program and to strictly implement, maintain and manage that program to ensure a safe zone for customer information.
InfoSight can assist with:
Evaluating the processes by which the institution monitors and tests the effectiveness of its information security-related controls and their relationship with the institution’s information security risk assessment
Meeting GLBA requirements
Reviewing current policies and procedures regarding privacy disclosures
Evaluating the Board of Directors’ approval and oversight of the institution’s ISP and supervision of its development, implementation and maintenance, including a review of management reports concerning the effectiveness of the ISP
Building security & compliance reports in a language your C-Suite and Board will understand
Addressing the protection of NPI and notification to the institution of any information security breaches