IT Examiner School, Palm Springs, CA

First page Table of contents Previous page 174 Next page Last page

Information Security Program Components

• Board of Directors Involvement • Risk Assessment • Manage and Control Risk • Oversee Service Provider Arrangements

• Program Adjustment • Report to the Board • Standards Implementation

Board of Directors

• Approve the Information Security Program annually

• Oversee development, implementation and maintenance of the program

The following FILs mention consideration of these topics in the annual GLBA board report: (FDIC regulated institutions only)

– Instant Messaging (FIL – 84-2004); – Virus Protection (FIL – 62-2004); and – Software Patch Management (FIL – 43-2003).

Made with FlippingBook - professional solution for displaying marketing and sales documents online