Federal Financial Institutions Examination Council (FFIEC) - Information Security IT Examination Handbook report

This report displays FFIEC issues found on your site. Many web application vulnerabilities might lead to security breaches of personal information, directly or indirectly, and might be considered as violations of the regulation.

Summary

Member agencies of the Federal Financial Institutions Examination Council (FFIEC) implemented section 501(b) of the Gramm-Leach-Bliley Act of 1999 (GLBA) by defining a process-based approach to security in the "Interagency Guidelines Establishing Information Security Standards" (501(b) guidelines). The 501(b) guidelines afford the FFIEC agencies Board of Governors of the Federal Reserve System (Federal Reserve Board), Federal Deposit Insurance Corporation (FDIC), National Credit Union Administration (NCUA), Office of the Comptroller of the Currency (OCC), and Office of Thrift Supervision (OTS) (the agencies) enforcement options if financial institutions do not establish and maintain adequate information security programs. This guide follows the same process-based approach, applies it to various aspects of the financial institution's operations and all related data, and serves as a supplement to the agencies' GLBA 501(b) expectations.

This compliance report automatically detects possible issues in your Web environment that may be relevant to your overall compliance with the security controls implementation guidelines as set forth in the security controls implementation chapter in this guide.

For more information about this regulation, visit http://www.ffiec.gov/.