Federal Financial Institutions Examination Council |
Press Release |
For Immediate Release | January 29, 2003 |
FEDERAL FINANCIAL REGULATORS RELEASE INFORMATION
SECURITY BOOKLET, The Federal Financial Institutions Examination Council today issued revised guidance for examiners and financial institutions to use in identifying information security risks and evaluating the adequacy of controls and applicable risk management practices of financial institutions. The safety and soundness of the federal financial industry and the privacy of customer information depend on the security practices of banks, thrifts and credit unions. The Information Security Booklet describes how an institution should protect and secure the systems and facilities that process and maintain information. The booklet calls for financial institutions and technology service providers (TSPs) to maintain effective security programs, tailored to the complexity of their operations. Today's guidance is the first in a series of updates to the 1996 FFIEC Information Systems (IS) Examination Handbook. These updates will address significant changes in technology since 1996 and incorporate a risk-based examination approach. The FFIEC currently plans to issue the updates in separate booklets that will ultimately replace all chapters of the 1996 Handbook and comprise the new FFIEC Information Technology (IT) Examination Handbook. In addition to the booklet on information security issued today, future booklets will address business continuity planning, supervision of technology service providers, electronic banking, IT audit, payment systems, outsourcing, IT management, computer operations, and systems development and acquisition. The FFIEC agencies plan to distribute these booklets electronically to financial institutions and TSPs. The documents will be available on the Internet through the FFIEC's InfoBase application. InfoBase will include each booklet in Adobe Acrobat PDF file format, as well as an online version with links to various resource materials, and an orientation to the handbook update process. Media Contacts: OTS Chris Smith 202-906-6677
The FFIEC was established in March 1979 to prescribe uniform principles,
standards, and report forms and to promote uniformity in the supervision
of financial institutions. The Council has five member agencies:
the Board of Governors of the Federal Reserve System, the Federal
Deposit Insurance Corporation, the National Credit Union Administration,
the Office of the Comptroller of the Currency, and the Office of
Thrift Supervision. The Council's activities are supported by interagency
task forces and by an advisory State Liaison Committee, comprised
of five representatives of state agencies that supervise financial
institutions. |
Maintained by the FFIEC. For suggestions regarding this site, Contact Us.
Last Modified: 11/26/2008 2:34 PM