Baseline Nonbank Cybersecurity Exam Program

First page Table of contents Previous page 46 Next page Last page

Question 6 - continued

Safeguards Rule, Section 314.4 Information Security Program Elements (16 CFR 314.4): • Designated Employee(s) • Risk Assessment • Key Control Testing • Vendor Management/Third Party Risk Program • Annual Program Adjustments

11

Question 7

Does the Information Security program designate an employee or employees to coordinate the information security program? If so, request their name and contact information.

12

Made with FlippingBook - Online Brochure Maker