Federal Bank and Thrift Regulatory Agencies Publish Guide to Help Financial Institutions Comply with Information Security Guidelines

The federal bank and thrift regulatory agencies today announced the publication of a compliance guide for the Interagency Guidelines Establishing Information Security Standards (Security Guidelines). The compliance guide summarizes the obligations of financial institutions to protect customer information and illustrates how certain provisions of the Security Guidelines apply to specific situations.

The compliance guide provides detailed explanations of the core terms used in the Security Guidelines as well as information to help financial institutions assess risks, design and implement an information security program, properly dispose of customer and consumer information, respond to incidents of unauthorized access to customer information, and oversee service providers that have access to customer information. The compliance guide also lists resources that may be helpful in assessing risks and designing and implementing information security programs.

The compliance guide is not a substitute for the Security Guidelines. The compliance guide addresses only a financial institution’s obligations under the Security Guidelines and does not address the applicability of any other federal or state laws or regulations that may pertain to policies or practices for protecting customer records and information.

A copy of the compliance guide is attached. The guide is also available on the websites of the sponsoring agencies: the Federal Reserve Board; Federal Deposit Insurance Corporation; Office of the Comptroller of the Currency; and Office of Thrift Supervision.

# # #

Attachment:
* Interagency Guidelines Establishing Information Security Standards: Small-Entity Compliance Guide
(www.fdic.gov/news/news/press/2005/pr12705a.html)

Contact Information

David Barr

Federal Deposit Insurance Corporation

Contact via E-mail