GLBA Safeguards Rule
FTC Safeguards Rule (Gramm-Leach-Bliley Act Title V), 16 CFR Part 314, as amended by the 2021 Final Rule.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (7)
Incident Response
| Code | Title |
|---|---|
| §314.4(h) | Written Incident Response Plan |
Information Security Program
| Code | Title |
|---|---|
| §314.3 | Standards for Safeguarding Customer Information |
| §314.4(a) | Designation of a Qualified Individual |
| §314.4(e) | Personnel Training and Security Awareness |
| §314.4(g) | Evaluation and Adjustment of the Information Security Program |
Other
| Code | Title |
|---|---|
| §314.1 | Purpose and Scope |
| §314.5 | Effective Date and Phased Implementation |
Reporting
| Code | Title |
|---|---|
| §314.4(i) | Annual Report to Board or Governing Body |
Risk Assessment
| Code | Title |
|---|---|
| §314.4(b) | Written Risk Assessment |
Safeguards
| Code | Title |
|---|---|
| §314.4(c)(1) | Access Controls |
| §314.4(c)(2) | Data and System Inventory |
| §314.4(c)(3) | Encryption of Customer Information |
| §314.4(c)(4) | Secure Development Practices |
| §314.4(c)(5) | Multi-Factor Authentication |
| §314.4(c)(6) | Secure Disposal |
| §314.4(c)(7) | Change Management |
| §314.4(c)(8) | Logging and Monitoring of Authorized User Activity |
| §314.4(d) | Testing and Monitoring of Safeguards (Pen Testing and Vulnerability Assessment) |
Service Providers
| Code | Title |
|---|---|
| §314.4(f) | Oversight of Service Providers |
Frequently Asked Questions
What is GLBA Safeguards Rule?
GLBA Safeguards Rule is a compliance framework from United States with 7 domains and 19 controls. FTC Safeguards Rule (Gramm-Leach-Bliley Act Title V), 16 CFR Part 314, as amended by the 2021 Final Rule. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does GLBA Safeguards Rule have?
GLBA Safeguards Rule has 19 controls organised across 7 domains. The largest domains are Safeguards (9 controls), Information Security Program (4 controls), Other (2 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does GLBA Safeguards Rule map to?
GLBA Safeguards Rule does not currently have cross-framework mappings in our system. Check back as we continuously expand our mapping database.
How do I get started with GLBA Safeguards Rule compliance?
Start your GLBA Safeguards Rule compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about GLBA Safeguards Rule requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 19 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 769 frameworks.
Get Started Free →Free forever — no credit card required