FFIEC Revised Guidance On information Security Risks - Circulars

Museum & Visits Regional Economy Data & Statistics Careers Blog Press Center

About the New York Fed
- About the New York Fed
- What We Do
- Who We Are
  - Bank Leadership
  - Diversity and Inclusion
- Communities We Serve
- Governance
- More About Us
- At the New York Fed, our mission is to make the U.S. economy stronger and the financial system more stable for all segments of society. We do this by executing monetary policy, providing financial services, supervising banks and conducting research and providing expertise on issues that impact the nation and communities we serve.
  
  Introducing the New York Innovation Center: Delivering a central bank innovation execution
  
  Do you have a request for information and records? Learn how to submit it.
  
  Learn about the history of the New York Fed and central banking in the United States through articles, speeches, photos and video.
Markets & Policy Implementation

Economic Research
- Economic Research
- U.S. Economy
  - Consumer Expectations & Behavior
  - Growth & Inflation
  - Labor Market
  - Financial Stability
  - Banking
- REGIONAL ECONOMY
- RESEARCHERS
  - PUBLICATIONS
  - RESEARCH CENTERS
  - CALENDAR

Financial Institution Supervision
- Financial Institution Supervision
- Supervision & Regulation
  - Circulars
  - Regulations
- Reporting Forms & Instructions
  - Reporting Forms
  - Correspondence
- Bank Applications
- Consumer Protection
  - Community Reinvestment Act Exams
  - Frauds and Scams
- As part of our core mission, we supervise and regulate financial institutions in the Second District. Our primary objective is to maintain a safe and competitive U.S. and global banking system.
  
  The Governance & Culture Reform hub is designed to foster discussion about corporate governance and the reform of culture and behavior in the financial services industry.
  
  Need to file a report with the New York Fed? Here are all of the forms, instructions and other information related to regulatory and statistical reporting in one spot.
  
  The New York Fed works to protect consumers as well as provides information and resources on how to avoid and report specific scams.
Financial Services & Infrastructure
- Financial Services & Infrastructure
- Financial Services & Operations
- Financial Market Infrastructure & Reform
- The Federal Reserve Bank of New York works to promote sound and well-functioning financial systems and markets through its provision of industry and payment services, advancement of infrastructure reform in key markets and training and educational support to international institutions.
  
  The New York Fed provides a wide range of payment services for financial institutions and the U.S. government.
  
  The New York Fed offers the Central Banking Seminar and several specialized courses for central bankers and financial supervisors.
  
  The New York Fed has been working with tri-party repo market participants to make changes to improve the resiliency of the market to financial stress.
Community Development
& Education

Circular

FFIEC Revised Guidance On information Security Risks

January 31, 2003

Circular No. 11496

To All Depository Institutions and Others Concerned in the Second Federal Reserve District:

In a press release, the Federal Financial Institutions Examination Council (FFIEC) announced a revised guidance for examiners and financial institutions to use in identifying information security risks and evaluating the adequacy of controls and applicable risk management practices of financial institutions.

The safety and soundness of the federal financial industry and the privacy of customer information depend on the security practices of banks, thrifts and credit unions. The Information Security Booklet describes how an institution should protect and secure the systems and facilities that process and maintain information. The booklet calls for financial institutions and technology service providers (TSPs) to maintain effective security programs tailored to the complexity of their operations.

This guidance is the first in a series of updates to the 1996 FFIEC Information Systems (IS) Examination Handbook. These updates will address significant changes in technology since 1996 and incorporate a risk-based examination approach.

The FFIEC currently plans to issue the updates in separate booklets that will ultimately replace all chapters of the 1996 Handbook and comprise the new FFIEC Information Technology (IT) Examination Handbook. In addition to the booklet on information security issued today, future booklets will address business continuity planning, supervision of technology service providers, electronic banking, IT audit, payment systems, outsourcing, IT management, computer operations, and systems development and acquisition.

The FFIEC agencies plan to distribute these booklets electronically to financial institutions and TSPs. The documents will be available on the Internet through the FFIEC's InfoBase application. InfoBase will include each booklet in Adobe Acrobat PDF file format, as well as an online version with links to various resource materials, and an orientation to the handbook update process.

The electronic version of the Information Security Booklet is available at www.ffiec.gov/guides.htm.

Questions on this matter may be directed at this Bank to Barbara J. Yelcich, Examining Officer, Operational Risk Department.

By continuing to use our site, you agree to our Terms of Use and Privacy Statement. You can learn more about how we use cookies by reviewing our Privacy Statement.