The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.
BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM WASHINGTON, D. C. 20551 DIVISION OF BANKING SUPERVISION AND REGULATION SR 06-12 July 28, 2006 TO THE OFFICER IN CHARGE OF SUPERVISION, APPROPRIATE SUPERVISORY STAFF AT EACH FEDERAL RESERVE BANK, AND BANKING ORGANIZATIONS SUPERVISED BY THE FEDERAL RESERVE SUBJECT: FFIEC Information Security Booklet The Federal Financial Institutions Examination Council (FFIEC) updated its Information Security Booklet for examiners and financial institutions to reflect changes in technology and mitigation strategies, as well as recent revisions to related supervisory guidance. The discussion on risk assessments has been expanded to provide more detailed guidance on identifying information security risks and evaluating the adequacy of controls and applicable risk management practices. In addition, new or revised material is included regarding authentication, monitoring programs, malware, remote access, and other topics. In addition to the revised Information Security Booklet, the FFIEC also issued an executive summary of its IT Examination Handbook that contains a high level synopsis of each of the twelve booklets that comprise the handbook. The Information Security Booklet and the executive summary are available electronically via the Internet through the FFIEC's InfoBase application at http://www.ffiec.gov/ffiecinfobase/index.html. Reserve Banks are asked to distribute this SR Letter to the banking organizations supervised by the Federal Reserve, as well as to their supervisory and examination staff. If you have any questions regarding the revised guidance, please contact Stacy Coleman, Assistant Director, Operational and IT Risk Section, at (202) 452-2934, Elton Hill, Senior Supervisory Financial Analyst, at (202) 452-2514, or Ken Fulton, Supervisory Financial Analyst, at (202) 452-2314. Roger T. Cole Acting Director Cross Reference: SR letters | 2006 Home | Banking information and regulation Accessibility | Contact Us Last update: July 28, 2006 SR Letters 05-23, 05-19, 04-17, 04-14, 02-18, 02-6, 01-15, 0111, 00-17, 00-4, 99-8, and 97-32