The Federal Financial Institutions Examination Council (FFIEC) is a council of five banking regulators that has released guidelines to ensure compliance with laws and regulations for financial institutions.
The guidelines are separated into 11 IT Examination Booklets and cover the following topics:
- Business Continuity Planning
- Development and Acquisition
- Information Security
- Outsourcing Technology Services
- Retail Payment Systems
- Supervision of Technology Service Providers
- Wholesale Payment Systems
An institution's compliance with the FFIEC guidelines is determined through comprehensive assessments of its operations and security risks. Risks and threats should be identified, and mitigations should be implemented. Risk assessments should be performed both continuously and periodically.
Who does it apply to?
FFIEC compliance applies to financial institutions and providers of services to these institutions that handle financial or consumer data.
How can GoldSky support you with your FFIEC compliance needs?
- GoldSky can assess the current state of a financial organization's IT operations and identify gaps against the prescribed FFIEC guidelines on all 11 topics. If gaps or deficiencies are identified, GoldSky can put together a plan and implement the required mitigations.
- GoldSky can develop and maintain the risk assessment and risk management documentation required for compliance.
“We are grateful to have GoldSky as our IT security and compliance partner in the SMB marketplace. Thank you for the expertise you provided in performing our annual Security Risk Assessment and HIPAA Compliance Review. You all are incredibly smart and ahead of the game when it comes to assessing a company and providing affordable and efficient IT security and technology solutions!”