Risk Management Framework


The Gramm-Leach-Bliley Act (GLBA) requires financial institutions and other organizations that offer financial services to take appropriate measures to safeguard customer data.

Framework Summary

The Safeguards Rule is a key component of the GLBA and outlines requirements for compliance.

According to the FTC website, under the Safeguards Rule each company must:

  • Designate one or more employees to coordinate its information security program.
  • Identify and assess the risks to customer information in each relevant area of the company’s operation, and evaluate the effectiveness of the current safeguards for controlling these risks.
  • Design and implement a safeguards program, and regularly monitor and test it.
  • Select service providers that can maintain appropriate safeguards, make sure your contract requires them to maintain safeguards, and oversee their handling of customer information.
  • Evaluate and adjust the program in light of relevant circumstances, including changes in the firm’s business or operations, or the results of security testing and monitoring.
