National Credit Union Administration 748
- Determines the scope and objectives of a credit union´s information security program
- Requires that the Board of Directors, or an appropriate committee thereof, supervise and review the developing, implementing, and maintaining of the information security program
- Demands that each credit union assess, manage, and control risk
- Requires the credit union to exercise due diligence in selecting service providers as well as monitoring service providers through audits and other evaluations
- Stipulates that each credit union should continually monitor, evaluate, and adjust the information security program as relevant changes are made
- Requires the credit union to report at minimum annually to the Board of Directors, or appropriate committee thereof, on the overall status of and compliance with the information security program
The National Credit Union Administration (NCUA) 748, titled, Guidelines for Safeguarding Member Information, establishes standards for federally insured credit unions in regards to security programs for administrative, technical, and physical safeguards of customer information and records. These safeguards are set in place to insure the security and confidentiality of member information and records, protect against anticipated security or integrity threats to information and records as well as to protect against unauthorized access to or use of records or information that could result in significant harm or inconvenience to any customer.
|
