IT Examiner School
ISP Framework - Flexible
Technology Sensitivity of Customer Information Internal or External Threats Institution’s Changing Business Arrangements Information security program should reflect current information technology environment & practices
Most Common GLBA Examination Issues Information Security Program stale/outdated Risk assessment not updated at least annually Risk Assessment is IT centric & not enterprise-wide Inadequate Information Security Report to the Board (or a lack of reporting) Poor vendor/service provider oversight Lack of training
Made with FlippingBook Digital Publishing Software