FIND YOUR TEMPLATE. FAST AND EASY!

Information Systems Security (IT Security) Policy

$425.00

The purpose of this Information Systems Security Policy Template is to establish general guidelines for maintaining an information technology (IT) computing environment within a bank, credit union, or other type of financial institution that is controlled, consistent, secure, and in compliance the guidelines set forth in the Joint Agency Policy Statement on User Computing Risks, joint guidelines for information security and safeguarding confidential customer information implemented under section 501(b) of the Gramm-Leach-Bliley Act (GLBA), and the FFIEC Information Technology Examination Handbook.

Description

Information Systems Policy

The purpose of this Information Systems Policy Template is to establish general guidelines for maintaining an information systems policy and information technology (IT) computing environment within a bank, credit union, or other type of financial institution that is controlled, consistent, secure, and in compliance the guidelines set forth in the Joint Agency Policy Statement on User Computing Risks, joint guidelines for information security and safeguarding confidential customer information implemented under section 501(b) of the Gramm-Leach-Bliley Act (GLBA), and the FFIEC Information Technology Examination Handbook.

Table of Contents

  • Purpose and Contents – Topic 1
  • Policy Statement – Topic 2
  • Definitions – Topic 3
  • Organization, Responsibilities and Administration – Topic 4
  • Risk Management Program Overview – Topic 5
  • Information Security Program Risk Assessment – Topic 6
  • Information Security Strategic Plan – Topic 7
  • Information Security Program Overview – Topic 8
  • Control Standards – Topic 9
  • Inventory and Classification of Assets – Topic 10
  • Mitigation of Interconnectivity Risk – Topic 11
  • User Security Control Standards – Topic 12
  • Physical Security Standards – Topic 13
  • Network Control Standards – Topic 14
  • Change Management Standards – Topic 15
  • End-of-Life Management Standards – Topic 16
  • Malware, Spyware, and Virus Control Standards – Topic 17
  • Control of Information Standards – Topic 18
  • Supply Chain Risk Mitigation – Topic 19
  • Logical Security Standards – Topic 20
  • Customer Remote Access to Financial Services – Topic 21
  • Application Security Standards – Topic 22
  • Database Security Standards – Topic 23
  • Encryption Standards – Topic 24
  • Oversight of Third Party Providers – Topic 25
  • Security Operations Standards – Topic 26
  • Assurance and Testing Standards – Topic 27
  • Acceptable Use Policy – Topic 28
  • Cybersecurity Policy – Topic 29
  • Incident Response and Preparedness Policy – Topic 30
  • Cloud Computing Policy – Topic 31
  • Mobile Device Program Policy – Topic 32
  • Document Imaging Policy – Topic 33
  • Password and Authentication Control – Topic 34
  • Photocopier, Fax Machine and Printer Procedures – Topic 35
  • Instant Messaging Procedures – Topic 36
  • Voice Over Internet Protocol Procedures – Topic 37
  • Service Requests and Problem Reporting Procedures – Topic 38
  • Audit Policy – Topic 39
  • Staff Training – Topic 40
  • Retention of Documentation – Topic 41

Includes the following form templates:

  • Information Systems Contractor Protection Acceptance (1 page)
  • Information Systems Employee Protection Acceptance (1 page)
  • Information Systems Exception to Standards (1 page)
  • Information Systems Facilities Access Request (1 page)
  • Information Systems Incident Response Procedures Checklist (9 pages)
  • Information Systems Patch Management Control Form (1 page)
  • Information Systems Problem Worksheet (1 page)

Recent updates to this product:
05/01/18 Update
FFIEC Issues Joint Statement on Cyber Insurance and Its Potential Role in Risk Management Programs
04/02/18 Update
SEC – Commission Statement and Guidance on Public Company Disclosures
12/04/17 Update
Inclusion of Document Imaging Policy
07/05/17 Update
Use of SSAE 18 reports
12/05/16 Update
Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime
10/03/16 Update
Federal Regulators Release Revised Information Systems Security Booklet
07/05/16 Update
Cybersecurity of Interbank Messaging and Wholesale Payment Network
02/16/16 Update
Inclusion of Acceptable Use Policy
01/04/16 Update
Financial Regulators Release Revised Management Booklet

This Information Systems Policy Template (approximately 269 pages) is available to purchase from BankPolicies.com in Microsoft® Word format for $425.00.

Want to ensure your purchase from BankPolicies.com remains current? Add a Product Update Protection Plan to your shopping cart to ensure that you will automatically receive an updated version every time it is revised via e-mail within one year from the last date of purchase. This timely and cost-effective solution ensures that you stay on top of federal regulatory changes and industry recommended best practices.

When updates are made you will receive detailed information regarding why the product was updated and what has changed within the product in our Product Update Notification e-mail correspondence. This enables you to make an informed decision on whether to make any changes to the policy or procedure you implemented for your financial institution from the revised template.

Our dedicated staff of career banking industry professionals are ready to keep your financial institution up to date with the latest bank policy standards and industry best practices. Purchase your bank policies from us today and rest easy knowing you have the right team helping you and your organization stay compliant. We look forward to earning your business for all of your bank policy needs.

You may also like…