Resources for Federal Financial Institutions Examination Council (FFIEC)

FFIEC: Information Security, IT Examination Handbook

FFIEC

Information security is the process by which an organization protects and secures its systems, media, and facilities that process and maintain information vital to its operations. On a broad scale, the financial institution industry has a primary role in protecting the nation’s financial services infrastructure. The security of the industry’s systems and information is essential to its safety and soundness and to the privacy of customer financial information. Individual financial institutions and their service providers must maintain effective security programs adequate for their operational complexity. These security programs must have strong board and senior management level support, integration of security activities and controls throughout the organization’s business processes, and clear accountability for carrying out security responsibilities. This booklet provides guidance to examiners and organizations on assessing the level of security risks to the organization and evaluating the adequacy of the organization’s risk management.

View the Resource

Share or bookmarklet this web page at: