The Federal Financial Examinations Council - simply known as FFIEC - was established in 1979 and is essentially responsible for developing uniform reporting systems for federally supervised financial institutions, holding companies, and other affiliated entities. What the FFIEC is become well-known for over the years is the "InfoBase" portal and the resource rich handbooks that provide comprehensive information on a number of notable topics. Specifically, their I.T. booklets are a common source of information for banks and other financial institutions looking seeking to obtain guidance on many security controls relating and requirements relating to the industry as a whole.
Learn more about our signature product, the Global Information Security Compliance Packet (GISCP), the world's most complete security policy packet containing over 2,850 + pages of in-depth information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and much more.
Learn more today about the GISCP by viewing sample policies, forms, hardening documents, and more.
Protecting information and ensuring the confidentiality, integrity, and availability (CIA) of these systems is paramount - and the I.T. booklets are a great resource, even though a number of them have not been updated in some time, but hopefully that will change.
And within the framework of the FFIEC is what's known as "InfoBase" (http://ithandbook.ffiec.gov/); a comprehensive set of resources providing the following helpful information:
- I.T. Booklets
- Referenced Materials
While many of these resources are extremely helpful - and often obtained by experts in the financial industry, it's the I.T. Booklets (http://ithandbook.ffiec.gov/it-booklets.aspx) that have garnered the most attention of the years. This is because they provide in-depth information on many critical information security topics, such as the following:
- Business Continuity Planning
- Development and Acquisition
- Information Security
- Outsourcing Technology Services
- Retail Payment Systems
- Supervision of Technology Service Providers
- Wholesale Payment Systems
Information Security Policies for FFIEC | Hundreds of Templates | Download
But a number of these I.T. booklets, though helpful in many ways, have not been fully updated in many years, resulting in some noted deficiencies. What organization can do - however, for ensuring they have a comprehensive set of information security policies and procedures, those that align with requirements by the FFIEC and other industry specific mandates - is purchase the Global Information Security Compliance Packet (GISCP) from Flat Iron Technologies, LLC. With literally hundreds of policies, procedures, forms, checklists, templates - and more - you can be assured of receiving only the very best set of information security documentation found anywhere. We also provide FFIEC consulting services for private sector organizations.