Information Systems Security (IT Security) Policy - $375.00


The purpose of this Information Systems Security (IT Security) Policy Template is to establish general guidelines for maintaining an information technology (IT) computing environment within a bank, credit union, or other type of financial institution that is controlled, consistent, secure, and in compliance the guidelines set forth in the Joint Agency Policy Statement on User Computing Risks, joint guidelines for information security and safeguarding confidential customer information implemented under section 501(b) of the Gramm-Leach-Bliley Act (GLBA), and the FFIEC Information Technology Examination Handbook.

Table of Contents

Purpose and Contents - Topic 1
Policy Statement - Topic 2
Definitions - Topic 3
Organization, Responsibilities and Administration - Topic 4
Risk Management Program Overview - Topic 5
Information Security Program Risk Assessment - Topic 6
Information Security Strategic Plan - Topic 7
Information Security Program Overview - Topic 8
Control Standards - Topic 9
Inventory and Classification of Assets - Topic 10
Mitigation of Interconnectivity Risk - Topic 11
User Security Control Standards - Topic 12
Physical Security Standards - Topic 13
Network Control Standards - Topic 14
Change Management Standards - Topic 15
End-of-Life Management Standards - Topic 16
Malware, Spyware, and Virus Control Standards - Topic 17
Control of Information Standards - Topic 18
Supply Chain Risk Mitigation - Topic 19
Logical Security Standards - Topic 20
Customer Remote Access to Financial Services - Topic 21
Application Security Standards - Topic 22
Database Security Standards - Topic 23
Encryption Standards - Topic 24
Oversight of Third Party Providers - Topic 25
Security Operations Standards - Topic 26
Assurance and Testing Standards - Topic 27
Acceptable Use Policy - Topic 28
Cybersecurity Policy - Topic 29
Incident Response and Preparedness Policy - Topic 30
Cloud Computing Policy - Topic 31
Mobile Device Program Policy - Topic 32
Document Imaging Policy - Topic 33
Password and Authentication Control - Topic 34
Photocopier, Fax Machine and Printer Procedures - Topic 35
Instant Messaging Procedures - Topic 36
Voice Over Internet Protocol Procedures - Topic 37
Service Requests and Problem Reporting Procedures - Topic 38
Audit Policy - Topic 39
Staff Training - Topic 40
Retention of Documentation - Topic 41

Includes the following form templates:
Information Systems Contractor Protection Acceptance (1 page)
Information Systems Employee Protection Acceptance (1 page)
Information Systems Exception to Standards (1 page)
Information Systems Facilities Access Request (1 page)
Information Systems Incident Response Procedures Checklist (9 pages)
Information Systems Patch Management Control Form (1 page)
Information Systems Problem Worksheet (1 page)

Recent updates to this product:
05/01/18 Update
FFIEC Issues Joint Statement on Cyber Insurance and Its Potential Role in Risk Management Programs
04/02/18 Update
SEC - Commission Statement and Guidance on Public Company Disclosures
12/04/17 Update
Inclusion of Document Imaging Policy
07/05/17 Update
Use of SSAE 18 reports
12/05/16 Update
Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime
10/03/16 Update
Federal Regulators Release Revised Information Systems Security Booklet
07/05/16 Update
Cybersecurity of Interbank Messaging and Wholesale Payment Network
02/16/16 Update
Inclusion of Acceptable Use Policy
01/04/16 Update
Financial Regulators Release Revised Management Booklet
12/01/15 Update
FFIEC Release Statement on Cyber-Attacks Involving Extortion

This Information Systems Security Policy Template (approximately 269 pages) is available to purchase from in Microsoft® Word format for $375.00.

Mix and Match Volume Pricing

Would you like to mix and match multiple policies, procedures or job descriptions and receive a special volume discount? Click here to see how much you can save.

Sample Request

Click here if you are a new financial institution client and are interested in receiving a sample version of a product by e-mail attachment.

Need Help?

If you need assistance or didn't find what you are looking for, please contact us. We're here to help.