The Information Security Governance Framework is a holistic, enterprise risk management model for a Board of Directors that measures governance, compliance, and operational (legal) risks on identity theft and consumer protection per federal and state regulations and federal banking metrics, i.e., CAMELS and Basel. The model:

(1) includes 7 key questions and answers, in Governance,  for Boards of Directors on identity theft and information security governance.

(2) synchronizes relevant regulations for the banking industry that include GLBA, FDICIA Section 112, FTC ACT, Lanham Act, Sarbanes-Oxley, California’s AB 1950 and FINCEN’s Identity Theft Suspicious Activity Report requirements with the 3 security layers per GLBA 501(b), 521 and 523, i.e., IT or Information Technology Governance, Network Vulnerability and IP or Intellectual Property Governance. Intellectual Property or IP Governance addresses corporate identity theft, a root source of rampant federal crimes against consumers and trade secrets per the President’s Identity Theft Task Force Report. Corporate identity theft or intellectual property infringements in the form of fraudulent domain names used within phishing, email spam and fake web sites are Unfair and Deceptive practices against consumers that attack trade secrets or sensitive customer information, inside and outside of bank IT networks, resulting in operational losses, operational risks and reputational harm for corporations and consumers, alike. Boards of Directors of financial firms have a fiduciary and regulatory obligation to prevent corporate identity theft. For a virtual library, visit the Information Security Governance Framework.

(3) automates an independent risk management function with external peer review Information Security Governance Metrics from publicly available information.

(4) generates a positive ROI by minimizing corporate identity theft attacks on consumers and IT networks, operational risks and losses, and capital reductions under Basel.

Information Security breaches and lack of compliance with government regulations can shatter consumer trust, reputations and the safety & soundness of internet banking with volatile deposits departing for safer banks and brands.

Contact members of the IP Governance Task Force to obtain a customized Information Security Governance compliance analysis for your Board of Directors.