Bank Enterprise Information Security Policy (EISP)

  

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

The organization that we will use is a small community bank. This type of organization was selected because everyone in the course should have some familiarity with banks, a community bank has a smaller scope, the banking industry has regulatory requirements to follow, and public trust in banking is very important. (Maryland SECU is an example of this type of bank.)

Here are some technical parameters of the Bank of Bowie.

· Headquarters is located in Bowie, MD

· Headquarters building has corporate offices and a branch on the lower level

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

· Two branch offices are located in Bowie and Laurel

· Each of the three branches employees the following staff

o Branch Manager

o Branch Security Officer

o Six Tellers

o Two Loan Officers

· Corporate Headquarters employs the following staff

o Officers and Directors

§ Chairman/CEO/President/Director

§ Vice-President/Secretary/Director

§ Financial Officer/Treasurer

§ Assistant Treasurer 

§ Six Directors – Corporate Strategy, Branch Oversight, Personnel Oversight, Regulatory Implementation, Customer Focus, Policy/Standards/Processes

§ Chief Compliance Officer

o Employees

§ Head Loan Officer 

§ Senior Loan Administrator

§ Two Loan Processors

§ Escrow Processor

§ Eight Customer Service Representatives

§ Internal Auditor

§ Compliance Officer

§ Two Human Resources Personnel

§ Five Information Technology Personnel

· Bank Offerings

o Savings and Checking Accounts

o Loans

o Deposit Products such as IRAs

o Online Banking

Information Technology Landscape

· Primary corporate databases are maintained at the Headquarters and a backup location

· Data is replicated routinely from the branches to the Headquarters

· Headquarters and branch personnel use desktops for their day-to-day activities

· Software consists of a number of standard applications, e.g., Office, and customized banking applications

· The Bank of Bowie website provides static information about the bank

· Electronic banking activities are outsourced to other providers

· Data is archived by a third-party provider

· Data protection mechanisms include encryption, digital signatures, access control firewalls, and other measures

Vision/Mission

Bank of Bowie is built on weeks of dedication to the community, Bank of Bowie will “continue in our rich tradition of providing impeccable customer service within a community environment.”

[1]

Regulation

We will simplify the government regulations for this activity. You must account for federal requirements for the following.

· All financial transactions must have integrity.

· All financial transactions must be audited and audit data must be retained for a period of six years.

· Social Security Numbers must be kept confidential.

· Customers must have access to their accounts at least every 48 hours.

· Interest rates and other loan terms and conditions must be clearly disclosed to customers.

Submission One – Policies

Bank of Bowie requires a set of policies to guide their efforts. 

Write an Enterprise Information Security Policy for the Bank of Bowie. See Page 148, Table 4-1 for an example. Make certain the policy includes what the information security needs are and not how to achieve them. Include the five federal requirements and three additional requirements based on market competitors (local banks – such as MECU, SECU, PointBreeze Credit Union, 1st Mariner Bank, Rosedale Federal Savings and Loan). Please detail the mission, vision, and values to support the justification for the “information security needs”. 

Create an Issue-specific security policy (ISSP) on a relevant topic of your choosing. It can be for internal system users or for customers or services provided to customers. 

Create a system specific policy that addresses audit logs and backup of the audit logs. Make certain that it is compliant with the laws indicated in the background. 

Each policy document should be well organized per the outlines presented in the text or another reference. Each policy should be between 2 and 4 pages and it will be graded based on its completeness in addressing the topic, not on its length. Finally, it should follow all of the guidelines for each policy type in the text.

 .

Enterprise Information Security Policy

Mission, Vision, and Values

Section 1: Purpose

Section 2: Policy Definitions

Policy 1: XXXX

Policy 2: XXXX

Policy 3: XXXX

Policy 4: XXXX

Policy 5: XXXX

Policy 6: XXXX

Section 3: Necessity

Section 4: Roles and Responsibilities

Section 5: External Standards and Guidelines

Issue-Specific Security Policy

Section 1: XXXX

Section 2: XXXX

Section 3: XXXX

Section 3: XXXX

Section 4: Violation of Policy (Example)

If any policy listed in this document is violated in any way as defined by the institution, an investigation into the violation/s will be thorough, and repercussions will be swiftly administered. Penalties will be based on the severity of the violation, and can range from a verbal warning to expulsion from the company and/or legal prosecution. All employees and related associates of the Bank of Bowie are required to report any suspected violation of policy to their superior, or to the anonymous hotline, which can be reached by calling 1-800-555-5555. Any person making a report of a suspected policy violation will in no way be penalized for their report.

Section 5: XXXX

Section 6: XXXX

System Specific Security Policy

· Branches

· Corporate Headquarters

References Used for Enterprise Information Security Policy:

References Used for Issue-Specific Security Policy:

References Used for System Specific Security Policy

Calculate your order
Pages (275 words)
Standard price: $0.00
Client Reviews
4.9
Sitejabber
4.6
Trustpilot
4.8
Our Guarantees
100% Confidentiality
Information about customers is confidential and never disclosed to third parties.
Original Writing
We complete all papers from scratch. You can get a plagiarism report.
Timely Delivery
No missed deadlines – 97% of assignments are completed in time.
Money Back
If you're confident that a writer didn't follow your order details, ask for a refund.

Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
$0.00
Power up Your Academic Success with the
Team of Professionals. We’ve Got Your Back.
Power up Your Study Success with Experts We’ve Got Your Back.

Order your essay today and save 30% with the discount code ESSAYHELP