28.04.2016, 17:40
Banks Recommended Systemic Approach to Information Security
OREANDA-NEWS. The Bank of Russia has drawn up and addressed to all credit institutions a novel set of measures to build a high performance information flow monitoring system meant to minimise information leakage risks. The guidelines for RF banking system institutions' information security become effective 1 May 2016.
The new regulation recognises the proposals which came from banks that took part in the 'Financial Transaction Standards (TK122)' technical committee proceedings led by the Federal Agency on Technical Regulating and Metrology. The guidelines therefore incorporate Russian credit institutions' best practices in the field.
Special focus is made on the detection and prevention of information leakage which may come as result of an action made by a credit institution's staff or individuals with authorised access to a bank's internal data. The guidelines also cover confidential information handling procedures and techniques as applicable for banks. Additionally, the document details approaches to continuous monitoring of processes which may potentially pose a threat to a credit institution's information security.
The regulator's efficient distribution scheme in information security-related efforts would enable banks to focus on their core operations. If followed, the proposed guidelines would also enable banks to deliver better performance of their information protection practices and to optimise their organisation and financial expenses.
The new regulation recognises the proposals which came from banks that took part in the 'Financial Transaction Standards (TK122)' technical committee proceedings led by the Federal Agency on Technical Regulating and Metrology. The guidelines therefore incorporate Russian credit institutions' best practices in the field.
Special focus is made on the detection and prevention of information leakage which may come as result of an action made by a credit institution's staff or individuals with authorised access to a bank's internal data. The guidelines also cover confidential information handling procedures and techniques as applicable for banks. Additionally, the document details approaches to continuous monitoring of processes which may potentially pose a threat to a credit institution's information security.
The regulator's efficient distribution scheme in information security-related efforts would enable banks to focus on their core operations. If followed, the proposed guidelines would also enable banks to deliver better performance of their information protection practices and to optimise their organisation and financial expenses.
Комментарии