HOME    SEARCH    ABOUT US    CONTACT US    HELP   
           
Rule: 6.6.7011 Prev     Up     Next    
Rule Title: MANAGE AND CONTROL RISK
Add to My Favorites
Add to Favorites
Department: STATE AUDITOR
Chapter: INSURANCE DEPARTMENT
Subchapter: Insurance Standards for Safeguarding Personal Information
 
Latest version of the adopted rule presented in Administrative Rules of Montana (ARM):

Printer Friendly Version

6.6.7011    MANAGE AND CONTROL RISK

(1) The licensee:

(a) designs its information security program to control the identified risks, commensurate with the sensitivity of the information, as well as the complexity and scope of the licensee's activities;

(b) trains staff, as appropriate, to implement the licensee's information security program; and

(c) regularly tests or otherwise monitors the key controls, systems and procedures of the information security program. The frequency and nature of these tests are determined by the licensee's risk assessment.

History: 33-19-106, MCA; IMP, 33-19-102 and 33-19-306, MCA; NEW, 2005 MAR p. 426, Eff. 4/1/05.


 

 
MAR Notices Effective From Effective To History Notes
4/1/2005 Current History: 33-19-106, MCA; IMP, 33-19-102 and 33-19-306, MCA; NEW, 2005 MAR p. 426, Eff. 4/1/05.
Home  |   Search  |   About Us  |   Contact Us  |   Help  |   Disclaimer  |   Privacy & Security