• Security
• Compliance
  • SOX 404
  • GLBA
  • NISPOM
  • HIPAA
  • FFIEC
  • PCI
  • FISMA
• Operations

Compliance - GLBA

Gramm-Leach-Bliley Act (GLBA)

The Gramm-Leach-Bliley Act fundamentally changed the financial services industry by relaxing rules on consolidation within the industry. A key provision under the Act defined the privacy requirements that govern the collection and disclosure of customers’ personal financial information. All financial institutions must adhere to these provisions and it is necessary for financial institutions to design, implement and maintain safeguards. Further it requires that a security management process exist in order to protect against attempted or successful unauthorized access, use, disclosure, modification, or interference of customer records. The organization must be able to monitor, report, and alert on attempted or successful access to systems and applications that contain sensitive customer information.

Pre-defined GLBA Audit-ready Reports:

• User Logon report - Gramm-Leach-Bliley Act (GLBA) Compliance requirements state that user accesses to the system be recorded and monitored for possible abuse.
• User Logoff report - Gramm-Leach-Bliley Act (GLBA) requirements state that user accesses to the system be recorded and monitored for possible abuse.
• Logon Failure report - The security logon feature includes logging all unsuccessful login attempts. The user name, date and time are included in this report.
• Audit Logs access report - Gramm-Leach-Bliley Act (GLBA) requirements (review and audit access logs) calls for procedures to regularly review records of information system activity such as audit logs.