Organizations that are covered by regulations will do themselves a free compliance favor by reading…and knowing…what the examiners will be looking for when they visit to do their compliance audits.
If you are covered under the Red Flags Rule, and if FACTA applies to you (which it does for most organizations that perform credit or other financial transactions), then you should get and read the new guidance issued by the Office of Thrift Supervision (OTS) for its examiners on enforcement of the Red Flags Rule; RB 37-27.
Tags: awareness and training, Information Security, IT compliance, IT training, OTS, policies and procedures, privacy training, Red Flags rule, risk management, security training