The Gramm-Leach-Bliley Act (GLBA) Safeguards Rule requires financial institutions to conduct a risk assessment to identify internal and external risks to customer information security and confidentiality. For many organizations, conducting risk assessments for GLBA compliance is a daunting task. CompliancePoint simplifies this process by helping you identify vulnerabilities and giving you a foundation to design and implement an information security program that will minimize your cyber risk while ensuring you're compliant with GLBA requirements.

Our Approach

We use the following steps, based on NIST guidelines, to execute GLBA risk assessments to help organizations better understand the information security risks they are facing, effectively mitigate and manage those risks, and achieve GLBA compliance.

Our Focus

Our GLBA services are designed to meet all elements of the Safeguards Rule and can be tailored to fit the budget and maturity of your business. You can customize a program that focuses on the services that are most vital to your operations.

Program Manager

Experienced and knowledgeable personnel to serve as your designated individual and supervise your information security program in accordance with GLBA.

Safeguard Controls

Information security controls designated to reduce identified risks and ensure GLBA safeguards are met.

Risk Management

Identify risk to your customer information and ensure the appropriate security controls are implemented in accordance with GLBA.

System Monitoring & Testing

Ensure the effectiveness of your security controls and safeguards through vulnerability assessments, simulated cyber-attacks and penetration testing.

Security Awareness Training

Training for your staff to ensure security awareness with regular refreshers. Training can be customized for security personnel.

Vendor Monitoring

A program that monitors any person or entity that receives, maintains, processes, or otherwise is permitted access to customer information.

Information Security Program Management

Focused on keeping your information security program current with emerging threats, changes in personnel and other material impacts.

Incident Response Plan

A written response and recovery plan to manage security events and incidents. Establish partnerships with existing providers to help manage an incident.

Compliance Reporting

An overall assessment of your company's compliance with its information security program for consumption by your Board of Directors or governing body.

Our Benefits

Objective & knowledgeable assessments
Proven techniques and strategies
Cost savings
No personnel certification costs
Target high-priority tasks

Access to cutting-edge tools & technology
No turnover
Security awareness training
Institutionalize your security processes
Control design & automation

“Our partnership with CompliancePoint has allowed us to strengthen both our compliance and security frameworks. Their technical knowledge and industry expertise has been indispensable to our organization.”

Doug E. Kreulen

President and CEO, Metropolitan Nashville Airport Authority

“The guidance and reassurance put me at ease when it comes to new program reviews.”

Bill Heep

Director Call Management & Regulatory Compliance, Harland Clarke

"CompliancePoint's professional, responsive and knowledgeable staff's approach...fully supported one of Binary Fountain's top priorities, which is to ensure the security and privacy of our client's data."

Mark Beckmeyer

Director of IT Security, Binary Fountain

"During three years working with CompliancePoint, we've benefited from their organized, consistent, and thorough approach. From our initial certification process to subsequent renewals, they helped us achieve clear goals. Having an auditor who really knows our business is extremely beneficial. They bring clarity to a challenging process. We're thrilled to work with them for all of our compliance needs."

Brian DeShong

VP of Engineering, ShootProof

“CompliancePoint allows our clients and our team to sleep better at night knowing that the labyrinth of regulations are being followed and that customer data is locked down.”

Bill Colton

CEO, Global Telesourcing

“You guys are phenomenal. Always great to work with; always pleasant.”

Carlos Romero

CTO, Gemstone Payments

“Excellent management and professionalism at all levels. The process is both challenging and rewarding as it yields real information that we can use to build improvements in our policies, process, and security.”

John Billington

CTO, TSD Global

10 Billion+

Records Audited

150+

Cases as an Expert Witness

2,500+

Companies Served

92 Net Promoter Score

+86

Net Promoter Score - Our Customers Love Us!