The Gramm-Leach-Bliley Act (GLBA) of 1999 first established a requirement to protect consumer financial information. Financial services regulations on information security, initiated by the GLBA, require financial institutions in the United States to create an information security program to protect the security, confidentiality, and integrity of such information. The Federal Financial institutions Examination Council (FFIEC) supports this mission by providing extensive, evolving guidelines for compliance.
E Com Security Solutions GLBA Assessment provides a comprehensive review and analysis of all the major information technology areas recommended by the FFIEC and require financial institution to:
- Identify all current and foreseeable risks and vulnerabilities in IT systems and data storage, assess likelihood and impact of threats, and assess sufficiency of controls to mitigate the risks.
- Design and implement a risk management plan to mitigate those risks
- Implement process and technical safeguards for consumer data storage and access
E Com Security Solutions provide a SOC 2 Type 2 Report of GLBA Assessment on the security controls aligned with FFIEC guidelines for the testing GLBA requirements.