Current through Register Vol. 71, No. 49, December 6, 2024
Rule 26-A3616 - ASSESS RISK3616.1The licensee shall:
(a) Identify reasonably foreseeable internal or external threats that could result in unauthorized disclosure, misuse, alteration or destruction of customer information or customer information systems;(b) Assess the likelihood and potential damage of these threats, taking into consideration the sensitivity of customer information; and(c) Assess the sufficiency of policies, procedures, customer information systems and other safeguards in place to control risks.D.C. Mun. Regs. tit. 26, r. 26-A3616
Emergency Rulemaking published at 47 DCR 9052(November 10, 2000) [EXPIRED]; Emergency Rulemaking published at 48 DCR 2356(March 16, 2001) [EXPIRED]; as Emergency Rulemaking published at 48 DCR 6119(July 1, 2001) [EXPIRED]; as Final Rulemaking published at 48 DCR 8005 (August 24, 2001); as Final Rulemaking published at 50 DCR 1517(February 14, 2003)