| Booklet | Type | Source | Title/Source | Date |
| --- | --- | --- | --- | --- |
| Management | Website | Basel Committee on Banking Supervision | Sound Practices for the Management and Supervision of Operational Risk | February 2003 |
| Management | Website | IT Governance Institute | COBIT®; 3rd Edition; Management Guidelines | July 2000 |
| Management | Website | ISACA | Control Objectives for Enterprise IT Governance | N/A |

| Booklet | Type | Source | Title/Source | Date |
| --- | --- | --- | --- | --- |
| Management | Laws | Congress | Home Owner’s Loan Act, 12 U.S.C. § 1464(d) | N/A |
| Management | Laws | Congress | Bank Service Company Act, 12 U.S.C. § 1867(c) | N/A |
| Management | Laws | Congress | Bank Protection Act, 12 U.S.C. § 1882 | N/A |
| Management | Laws | Congress | Gramm–Leach–Bliley Act, 15 U.S.C. § 6801 and 6805(b) | N/A |
| Management | Laws | Congress | Fraud and Related Activity in Connection with Computers, 18 U.S.C. § 1030 | N/A |

| Booklet | Type | Source | Title/Source | Date |
| --- | --- | --- | --- | --- |
| Management | Regulations | FRB | Interagency Guidelines Establishing Standards for Safeguarding Customer Information, Regulation H, 12 CFR § part 208, Appendix D-2 | |
| Management | Regulations | FRB | Protection of Customer Information, Regulation K, 12 CFR § parts 211.9 and 211.24 (i) | |
| Management | Regulations | FRB | Interagency Guidelines Establishing Standards for Safeguarding Customer Information, Regulation Y, 12 CFR § part 225, Appendix F | |
| Management | Guidance | FRB | Standards for Safeguarding Customer Information, SR 01-15 | May 2001 |
| Management | Guidance | FRB | Outsourcing Information and Transaction Processing, SR 00-4 | February 2000 |
| Management | Guidance | FRB | Assessment of Information Technology in the Risk-Focused Frameworks for the Supervision of Community Banks and Large Complex Banking Organizations, SR 98-9 | April 1998 |
| Management | Regulations | FDIC | Interagency Guidelines Establishing Standards for Safety and Soundness, 12 CFR § Part 364, Appendix A | N/A |
| Management | Regulations | FDIC | Interagency Guidelines Establishing Standards for Safeguarding Customer Information, 12 CFR § Part 364, Appendix B | N/A |
| Management | Guidance | FDIC | Bank Technology Bulletin on Outsourcing, FIL-50-2001 | June 2001 |
| Management | Guidance | FDIC | Required Notification for Compliance with the Bank Service Company Act, FIL-49-99 | June 1999 |
| Management | Guidance | FDIC | Computer Software Patch Management, FIL-43-2003 | May 2003 |
| Management | Regulations | NCUA | Federal Credit Union Incidental Powers Activities, 12 CFR Part 721 | N/A |
| Management | Regulations | NCUA | Security Program, Report of Crime and Catastrophic Act, Bank Secrecy Act Compliance, and Appendix A – Guidelines for Safeguarding Member Information, 12 CFR Part 748 | N/A |
| Management | Regulations | NCUA | Privacy of Consumer Financial Information, 12 CFR Part 716 | N/A |
| Management | Regulations | NCUA | Requirements for Insurance, 12 CFR Part 741 | N/A |
| Management | Regulations | NCUA | Advertising, 12 CFR Part 740 | N/A |
| Management | Guidance | NCUA | E-Commerce Guide for Credit Unions, NCUA Letter to Credit Unions 02–CU–17 | December 2002 |
| Management | Guidance | NCUA | Due Diligence Over Third–Party Service Providers, NCUA Letter to Credit Unions 01–CU–20 | November 2001 |
| Management | Regulations | OCC | Interagency Guidelines Establishing Standards for Safety and Soundness, 12 CFR § Part 30, Appendix A | N/A |
| Management | Regulations | OCC | Interagency Guidelines Establishing Standards for Safeguarding Customer Information, 12 CFR § Part 30, Appendix B | N/A |
| Management | Guidance | OCC | Third-Party Relationships, OCC Bulletin 2001–47 | November 2001 |
| Management | Guidance | OCC | Third Party Risk, OCC Advisory Letter 2000-9 | August 2000 |
| Management | Guidance | OCC | Technology Risk Management, OCC Bulletin 98–3 | February 1998 |
| Management | Regulations | OTS | Interagency Guidelines Establishing Standards for Safety and Soundness, 12 CFR § Part 570, Appendix A | N/A |
| Management | Regulations | OTS | Interagency Guidelines Establishing Standards for Safeguarding Customer Information, 12 CFR § Part 570, Appendix B | N/A |
| Management | Guidance | OTS | Third Party Arrangements, Thrift Bulletin 82 | March 2003 |
| Management | Guidance | OTS | Technology Risk Controls, Regulatory Bulletin 32-21 | January 2002 |
| Management | Guidance | OTS | Management, Thrift Activities Handbook Section 300 | January 2002 |
| Management | Guidance | OTS | Technology Risk Controls, Thrift Activities Handbook Section 341 | June 2003 |