Revised Policy Templates for October 2016
Acceptable Use Policy Template
Business Continuity Plan Policy Template
Cybersecurity Policy Template
Incident Response and Preparedness Policy Template
Information Systems Security Policy Template
Internet Banking Policy Template
Mobile Banking Policy Template
Mobile Device Program Policy Template
Regulation P Policy Template
The update to these products is in response to FFIEC’s Press Release entitled “Federal Regulators Release Revised Information Systems Security Booklet” dated 09/09/16 that announced a revised Information Security booklet, which is part of the FFIEC Information Technology Examination Handbook (IT Handbook). The revised booklet addresses the factors necessary to assess the level of security risks to a financial institution’s information systems. In addition, the booklet helps examiners evaluate the adequacy of the information security program’s integration into overall risk management.
The update to these products is in response to FinCEN’s Advisory FIN-2016-A003 entitled “Advisory to Financial Institutions on E-Mail Compromise Fraud Schemes” dated 09/06/16 to help financial institutions guard against a growing number of e-mail fraud schemes in which criminals misappropriate funds by deceiving financial institutions and their customers into conducting wire transfers. In addition, this advisory provides red flags (developed in consultation with the Federal Bureau of Investigation and the U.S. Secret Service) that financial institutions may use to identify and prevent such e-mail fraud schemes.