Gramm-Leach-Bliley and Sarbanes-Oxley

November 18, 2003


Gramm-Leach-Bliley and you: "The Safeguards Rule, which went into effect during 2003, requires that included institutions take proactive steps to ensure the security of customer information. At a minimum, institutions must:

- Appoint an individual or group to bear specific responsibility for GLB compliance.
- Identify risks to customer information and assess existing safeguards.
- Implement safeguards that are needed to fill any gaps.
- Monitor the effectiveness of all safeguards.
- Ensure service providers are capable of meeting GLB requirements.
- Adjust the organization's security program as necessary when circumstances change. "

Find more information about the act here. Or find out more on the FTC website here.

Five Things IT Needs To Know About Sarbanes-Oxley Compliance is another good link for yet another piece of legislation that has something to do with IT. Take a look. For more info on Sarbanes-Oxley, look here.