Estonian Financial Supervision Authority imposed requirements for information technology
The Estonian Financial Supervision Authority (EFSA) imposed the advisory guidelines titled "Requirements for organization in the field of information technology". The guidelines will enter into force on January 1, 2005 and affect all Estonian financial institutions.
The guidelines offer financial firms a clearer understanding which IT processes they should prioritize and which constitute as being primary risk areas. "Risks related to IT processes must be assessed on a regular basis and if necessary, corrections and changes should be made to the existing work arrangement," commented Toomas Kirt on the necessity of the guidelines, the EFSA's IT auditor.
"The guidelines serve as a tool for financial institutions to detect the risks in critical areas. By following the requirements laid down in the guidelines, it should be ensured that company information can be accessed only by those who need it to fulfill their tasks, and that there would be adequate tracking to detect possible unauthorized access," said Kirt.
The new guidelines provide an updated and clearer framework regarding how financial institutions should manage their IT processes more efficiently and securely. At the same time, the financial services market will gain more reliability for its customers.
Upon compilation of the guidelines, the EFSA took into account the requests and comments from market participants. The guidelines are available on the EFSA homepage: www.fi.ee > Legislation > Guidelines of Estonian Financial Supervision > Requirements for organization of the field of information technology.
Head of Communication
Phone: + 372 6680 546
livia dot kulm at fi dot ee