skip to main navigation skip to secondary navigation skip to content
Board of Governors of the Federal Reserve System
skip to content
Board of Governors of the Federal Reserve System

Supervisory Policy and Guidance Topics

Information Security

This topic contains guidance regarding the adequacy of financial organizations’ information security systems. Information security is the process by which an organization protects and secures its systems, media, and facilities that process and maintain information vital to its operations. On a broad scale, the financial institution industry has a primary role in protecting the nation’s financial services infrastructure.  The security of the industry’s systems and information is essential to its safety and soundness and to the privacy of customer financial information. Individual financial institutions and their service providers must maintain effective security programs adequate for their operational complexity. (FFIEC IT Examination Handbook InfoBase)
Sections on this page:
 

Policy Letters

Information Security

SR 09-2
FFIEC Guidance Addressing Risk Management of Remote Deposit Capture Activities
SR 08-7 / CA 08-10
Interagency Examination Procedures for the Identity Theft Red Flags and Other Regulations under the Fair Credit Reporting Act
SR 06-14 (Revised)
Revised Policy Governing Access to Confidential Supervisory Information
SR 06-13
Questions and Answers Related to Interagency Guidance on Authentication in an Internet Banking Environment
SR 06-12
FFIEC Information Security Booklet
SR 05-23
Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice
SR 05-19
Interagency Guidance on Authentication in an Internet Banking Environment
SR 04-17
FFIEC Guidance on the use of Free and Open Source Software
SR 04-14
FFIEC Brochure with Information on Internet "Phishing"
SR 01-15 (SUP)
Standards for Safeguarding Customer Information
 

Manual References

Last update: January 23, 2013