Legal Seminar, Denver, CO

NMLS Information Security Requirements

Federal Information Security Modernization Act (FISMA) and National  Institute of Standards and Technology (NIST) NIST 800‐53 Rev.4, Security and Privacy Controls for Federal Information  Systems and Organizations  (18 families) • Access Management • Identification and Authentication • Risk Assessment

• Awareness and Training • Audit and Accountability • Security Assessment and Authorization

NMLS Risk Management Framework • Minimum security controls as determined by NIST, CSBS,& CFPB (200-300)