Tripwire Helps Meet FFIEC Requirements

Off late information security and technology risk management was relegated to the back office or basement operations of most financial institutions3. Today, with the passage of legislation such as the 1999 Gramm-Leach-Bliley Act (GLBA) and the subsequent GLBA Security rule that took affect in 2001, information security and technology risk management are subjects upon which the board and senior management must be actively involved and aware, especially in the instance of material events such as a system disruption from unauthorized access to a bank's network, data breach, cyber terrorism, or a natural disaster that may threaten the safety, soundness, and security of the institution and its customer information.