Hi All,
I work for the Credit Union industry governed by the National Credit Union Association (NCUA), which is a federal insurance agency not too dissimilar from the FDIC. It is a different governing structure and we have our own security policies, but we are a much smaller industry.
Here's where the fun begins. I am the one responsible for ensuring our IT infrastructure, specifically our network, is under compliance. Great! I'm looking forward to it, but the documentation is disparate and dated, for example, the last security letter I can find is from 2006!!@!$@!
Has anyone done the work of writing up a NCUA Policy Report? If not, I'm happy to do so, but I want to make sure I'm not reinventing the wheel here.
Any help in deciphering these laws would be a great help, as I'm new to the financial industry.
IT Resources - General - Seems the place to start
IT Rules and Regulations - Very little help in regards to technical details
IT Laws - Looks perfect, except for the dates
IT Related Letters - Oh god, the dates
These two Questionnaires are the closest to what I'm looking for. Regardless, I'm happy to translate all this legalese into technical requirements. Any help would be appreciated interpreting and translating these!
Thank You,
Matthew
NCUA Member