Ala. Admin. Code r. 482-1-126-.08

Current through Register Vol. 43, No. 1, October 31, 2024
Section 482-1-126-.08 - Manage And Control Risk

The licensee:

(a) Designs its information security program to control the identified risks, commensurate with the sensitivity of the information, as well as the complexity and scope of the licensee's activities.
(b) Trains staff, as appropriate, to implement the licensee's information security program.
(c) Regularly tests or otherwise regularly monitors the key controls, systems and procedures of the information security program. The frequency and nature of these tests or other monitoring practices are determined by the licensee's risk assessment.

Author: Commissioner of Insurance

Ala. Admin. Code r. 482-1-126-.08

New Rule: May 6, 2003; effective May 16, 2003. Filed with LRS May 7, 2003. Rule is not subject to the Alabama Administrative Procedure Act.

Statutory Authority:Code of Ala. 1975, §§ 27-2-17, 27-7-44; 15 U.S.C. §§6801 - 6827.