What is an Information Security Policy?

An Information Security Policy is the guiding document, the backbone, of your information security program. It should be a high level description of the controls your credit union will use to secure your information. This policy is also a GLBA requirement.

What is CUC's approach to writing an information security policy?

Practical. We produce well branded, clear, concise policies that state what controls your credit union has in place. The main purpose of these policies is to comply with regulations. If you have a secure, efficient IT infrastructure, you do not need a document stating it unless you are subject to regulations requiring the document. Unfortunately, credit unions are required to go through the motions. That is why CUC creates policies that present, look and read very professionally. We include just enough of the right information, but not too much. Our common goal is that your credit union has a policy that is compliant while not creating burden to show evidence of its use or to maintain.

Does CUC help credit unions prepare for and navigate exams?

Yes. We have an incredible amount of experience helping credit unions successfully negotiate exams. Our clients can attest to how we prepare all their IT materials and meet with the examiners regarding IT matters. Because we plan, because we execute, because we document, our entire process of caring for a credit union's IT system and information security program is extremely exam ready.

If you would like to learn more about our IT policy services, you can contact the following:

Paul Elder 614-848-5400 ext 121 or email Paul
Larry Krietemeyer 614-848-5400 ext 143 or email Larry