IT Examiner School

Information Security Program

Policy

Standards

Procedures

Must be technically feasible and enforceable MUST have commitment from HIGHEST level of management Must have input from technical staff and users

Compliance

Gramm-Leach-Bliley Act • Interagency Guidelines Establishing Information Security Standards Fair and Accurate Credit Transactions Act ID Theft Prevention and Red Flags • Interagency Guidelines on Identity Theft Detection, Prevention & Mitigation