The provisions of the Gramm-Leach-Bliley Act (GLBA) that regulate the security of nonpublic personal information are presented in Title V – Privacy. These provisions stipulate that financial institutions doing business in the United States must establish appropriate information security controls to ensure the security and confidentiality of customer records and information, protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer, and protect against any anticipated threats or hazards to the security or integrity of such records.
The Federal Financial Institutions Examination Council (FFIEC) designs and supervises audits for most federal agencies that oversee financial institutions. The FFIEC provides extensive guidelines for information security and risk management that help financial organizations achieve and prove compliance with GLBA safeguards and rules. Netwrix can help you pass GLBA audits by ensuring continuous compliance with the following FFIEC requirements: