GLBA Risk Assessments Solutions


InfoSight provides GLBA Risk Assessments that review your institution's GLBA program against FFIEC standards. Our assessments conform to the FFIEC regulatory requirements, statutory directives and industry best practices under which the institution operates. Throughout the process, InfoSight’s assessors work closely with your organization’s risk and information security teams to gain a clear view of the institution’s risk relative to GLBA compliance requirements.

What is GLBA?

The Gramm-Leach-Bliley Act (GLBA) is in place to assure the confidentiality and security of all customer records and information. GLBA guidelines establish administrative, physical and technical safeguards to protect personal information against unauthorized access and unauthorized use. Why do financial institutions care about it? Financial institutions should take GLBA guidelines very seriously because it is their responsibility to keep personal information from falling into the wrong hands. It is mandatory for financial institutions to have a written security program and to strictly implement, maintain and manage it so that customer information stays protected.

Key Features

InfoSight can assist with:

  • Evaluating the processes by which the institution monitors and tests the effectiveness of its information security-related controls and their relationship with the institution’s information security risk assessment
  • Meeting GLBA requirements
  • Reviewing current policies and procedures regarding privacy disclosures
  • Evaluating the Board of Directors' approval and oversight of the institution’s information security program (ISP) and supervision of its development, implementation and maintenance, including a review of management reports concerning the effectiveness of the ISP
  • Building security & compliance reports in a language your C-Suite and Board will understand
  • Addressing the protection of nonpublic personal information (NPI) and notification to the institution of any information security breaches

Why InfoSight?

  • 24x7x365 US-based SOC/NOC
  • SOC 2 Certified
  • Complete MSSP Services that include Monitoring, Real-Time Threat Analysis, Mitigation/Remediation, Alerting, Reporting and Device Management
  • Flexible pricing models that can be 24x7, 8x5, or off-peak-only coverage (7pm to 7am)
  • MSP & MSSP Solutions for both IT & OT ICS environments
  • 25+ years Regulatory Compliance experience (GLBA, PCI, HIPAA, NERC, AWIA, etc.)
  • Certified Experts (CISSP, CISA, CEH, OSCP, AWS, AWWA, etc.)
  • Managed Services for on-premises data center, cloud and hybrid environments
  • Comprehensive cybersecurity awareness training solutions
  • Virtual ISO Programs that bridge the communication gap between IT and OT networks
