Security Assessment FAQs

The Gramm-Leach-Bliley (GLBA) Information Security Act requires financial institutions and companies that offer consumers financial products or services, like loans, financial or investment advice, or insurance, to explain their information-sharing practices to their customers and to safeguard sensitive data. Topgallant helps financial institutions achieve GLBA Information Security Standards compliance through proactive and innovative consulting, measurement and testing.


Organizations Requiring Adherence to GLBA Information Security Standards

  • Banks
  • Insurance Companies
  • Insurance Agencies
  • Debt collectors
  • Financial or Investment Advisers
  • Loan Brokers
  • Non-bank mortgage lenders
  • Real estate appraisers
  • Real Estate Service Providers
  • Tax Return Preparers

GLBA Information Security and Privacy Requirements

GLBA requires that financial institutions establish appropriate standards relating to the administrative, technical and physical safeguards of customer records and information. The standards’ objectives are to:

  • Ensure the security and confidentiality of customer information;
  • Protect against any anticipated threats or hazards to the security or integrity of such information; and
  • Protect against unauthorized access to or use of customer information that could result in substantial harm or inconvenience to any customer.

Safeguards Rule

The Safeguards Rule requires financial institutions to develop a written information security plan that describes how the company is prepared to protect, and plans to continue protecting, clients’ nonpublic personal information. (The Safeguards Rule applies to information of any consumers, past or present, of the financial institution’s products or services.) This plan must include:

  • Designating at least one employee to manage the safeguards,
  • Constructing a thorough risk analysis on each department handling the nonpublic information,
  • Developing, monitoring, and testing a program to secure the information, and
  • Changing the safeguards as needed with the changes in how information is collected, stored, and used.

The Safeguards Rule forces financial institutions to take a closer look at how they manage private data and to do a risk analysis on their current processes. No process is perfect, so this has meant that every financial institution has had to make some effort to comply with the GLBA Information Security Standards.

Call us today toll-free at 1-844-9Pentest (1-844-973-6837).