MANAGE AND CONTROL RISK

Administrative Rules of Montana (ARM)

Section: 6.6.7011

Jurisdiction: MT

Bluebook Citation: Mont. Admin. R. 6.6.7011

(1) The licensee: (a) designs its information security program to control the identified risks, commensurate with the sensitivity of the information, as well as the complexity and scope of the licensee's activities; (b) trains staff, as appropriate, to implement the licensee's information security program; and (c) regularly tests or otherwise monitors the key controls, systems and procedures of the information security program. The frequency and nature of these tests are determined by the licensee's risk assessment. Authorizing statute(s): 33-19-106 , MCA Implementing statute(s): 33-19-102 and 33-19-306 , MCA History: NEW, 2005 MAR p. 426, Eff. 4/1/05.

Chat with this regulation using AI

Ask CiteLaw's AI Navigator anything about this regulation, verify citations, and research related authorities. Sign up for CiteLaw free today to get started.